We run a secure web service using your SunONE Application Server. The latest version of the Nessus network scanner reports that there is a vunerability in the web server. How do I disable the TRACE and TRACK HTTP methods so that the web server won't respond to them.
Please have a look at this site:
Sun Alert ID: 50603
Synopsis: Sun ONE/iPlanet Web Server Enable HTTP TRACE Method by Default
Product: iPlanet Web Server, Sun ONE Web Server
Date Released: 11-Feb-2003
Date Closed: 11-Feb-2003
The link above did not work for me, but this seems to be the replacement: