在Apache服务器上禁用HTTP选项 [英] Disable OPTIONS HTTP on Apache Server
本文介绍了在Apache服务器上禁用HTTP选项的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
Request:
OPTIONS / HTTP/1.1
Host: webcat.staci.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.21
Accept: */*
Response:
HTTP/1.1 200 OK
Date: Thu, 01 Oct 2015 12:24:59 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Allow: GET,HEAD,POST,OPTIONS,TRACE
Vary: Accept-Encoding,User-Agent
Content-Length: 0
Keep-Alive: timeout=7, max=95
Connection: Keep-Alive
Content-Type: httpd/unix-directory
Set-Cookie: BIGipServerwebcat-ssl=192938503.47873.0000; path=/; httponly; secure
我想在我的Apache服务器上禁用HTTP OPTIONS,但是我想保留 GET
, POST
,并且我想 PING
我的服务器.
i want to disable HTTP OPTIONS on my Apache Server but i want to keep GET
, POST
and i want to PING
my server.
我该怎么做?
我的httpd.conf:
my httpd.conf:
RewriteEngine On
RewriteCond %{REQUEST_METHOD} !^ (GET,POST,HEAD)
RewriteRule .* – [R=405,L]
推荐答案
OPTIONS方法不能使用RewriteCond禁用.您必须使用LimitExcept指令禁用它.
OPTIONS method cannot be disabled using RewriteCond. You must disabled by using LimitExcept directive.
下面是可以在Apache配置之外添加的代码段:
Below is the snippet could be added on outside of the of the Apache configuration:
<Location />
<LimitExcept GET POST>
order deny,allow
deny from all
</LimitExcept>
</Location>
请不要忘记重新启动Web服务器:)
Please do not forget to re-start the web server :)
这篇关于在Apache服务器上禁用HTTP选项的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文