I will be having the IIS servers I manage audited by a computer security company next week. The servers are very secure and I put a lot of time into keeping them that way. In anticipation of next week's test I ran one of my vulnerability scans last night using Nessus. Everything checks out fine with the exception of:

"It seems that the DELETE method is enabled on your web server
Although we could not exploit this, you'd better disable it
Solution : disable this method
Risk factor : Medium

It seems that the DELETE method is enabled on your web server
Although we could not exploit this, you'd better disable it
Solution : disable this method
Risk factor : Medium"

This is only present on a few of the servers. After some digging on Google I discovered that "methods" such as GET, PUT, DELETE are defined through IIS script mappings. I have checked out the script mappings on the machines that show the vulnerability and I cannot find "DELETE" defined in any of the mappings. I am starting to think it may be a Nessus false positive, but for my own peace of mind, is there anywhere else this method could be disabled? Or is it really a Nessus false positive?

Thanks,
Josh
