PROBLEMAnother security scanner program such as Nessus discovers that the GFI LanGuard Apache communication server has the 'HTTP Trace / Track Methods' vulnerability even though it it up to date.
- GFI LanGuard 2012 or newer
- All supported environments
SOLUTIONThis vulnerability alerts you to the fact that the TRACE function is active. You can disable the TRACE function in the GFI LanGuard Apache communication server.
In the procedure below XX in the folder name corresponds to the GFI Languard version number.
Follow these steps:
- Navigate to the following folder in your LanGuard installation directory:
- for a 64 bit OS: C:\Program Files (x86)\GFI\LanGuard XX Agent\Httpd\conf\
- for a 32 bit OS: or C:\Program Files\GFI\LanGuard XX Agent\Httpd\conf\
- Edit the file httpd.conf in notepad
- Search for the line: Listen 80
- Add a line immediately after it with the text TraceEnable off
- Restart the GFI LanGuard Attendant service