I am just a regular user, but I don’t see how a Django setting could possibly modify some such a setting on the web server. I would just learn how to write that EB command and take it from there. …I suppose you could try writing a Python function or a Django command that will append your desired setting to the .htaccess file when you run it.
From: [email protected] [mailto:[email protected]] On Behalf Of Sandeep Patil Sent: Friday, November 4, 2016 12:27 PM To: Django users Subject: Re: Django ponycheckup check up results Dear all, Noone else here who has this issue? Really would like to learn how this works. Thanks, Sandeep On Saturday, September 17, 2016 at 9:29:29 PM UTC+2, Sandeep Patil wrote: Dear All, I checked my django site a security ponycheckup at ponycheckup.com<http://ponycheckup.com> and I got 90%, which is good. However I am stuck at resolving the error " Web server allows TRACE Your web server allows the TRACE method. This is not good, as it rarely serves a purpose, and can be used in cross-site scripting attacks." I tried to look around for answers and most of them had solutions for modifying htaccess file. Since I use AWS EB, I dont want to manually modify any server files (because they get overwritten and writing a EB command looks very hacky). Is there a Django way of resolving this issue (some setting in settings.py)? -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]<mailto:[email protected]>. To post to this group, send email to [email protected]<mailto:[email protected]>. Visit this group at https://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/1c3425eb-1e44-4297-8d3b-7925b5c24313%40googlegroups.com<https://groups.google.com/d/msgid/django-users/1c3425eb-1e44-4297-8d3b-7925b5c24313%40googlegroups.com?utm_medium=email&utm_source=footer>. For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/398c2ea5261b41e6a4f8fd10da750ab1%40ISS1.ISS.LOCAL. For more options, visit https://groups.google.com/d/optout.
