On 07/15/2016 08:17 AM, Zeal Vora wrote:
> Hi
> 
> In our Internal VA, Vulnerability Assessment tools generates the HTTP TRACE / 
> TRACK method in IPA as a medium based vulnerability.
> 
> Is there a need to allow those two methods in IPA ?
> 
> If not, what is the optimal way to disable those methods ?
> 
> 
> Thanks,
> Zeal

Hello Zeal,

I think it should be safe disabling these methods in FreeIPA Apache
configuration - I do not think FreeIPA uses them.

I added your remark to
https://fedorahosted.org/freeipa/ticket/4431
This is where we plan to harden the FreeIPA Apache instance. If you have any
other ideas that were not captured in the ticket yet, please feel free to share
them with us!

Thanks,
Martin

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to