Hot Downloads

Welcome, Guest
Username: Password: Remember me


Disable HTTP METHODS in IIS 9 years 6 months ago #21300

  • Smurf
  • Smurf's Avatar
  • Offline
  • Moderator
  • Posts: 1390
  • Karma: 1
Our webserver is reported as allowing the TRACE HTTP METHOD which isn't a recommended setting for a secure environment. Does anyone know how to disable the thing in IIS 6 ? I have found an article on Microsoft's site that points to a registry key however this doesn't seem to work.

Click here for Microsoft link.

Also tried the web.config file, this didn't work.

Thanks in advance.


FYI To find out what HTTP METHODS a weberver has, do the following;

1. Telnet to the webserver on Port 80
2. (without the qoutes) type "OPTIONS / HTTP/1.1" press enter
3. (without the qoutes) type "Host: website address" press enter
4. may need to press enter again.

website address = a fully qulified domain name of the website

Wayne Murphy Team Member

Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit or PM me for details.
The administrator has disabled public write access.
Time to create page: 0.082 seconds


Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V


  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup