How to block TRACK and TRACE requests with Apache
To block TRACK and TRACE requests to an Apache webserver use the following config in every virtual host:RewriteEngine on
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]
You actually only need to block TRACE with Apache as it does not support TRACK requests by default.
Last updated: 06/03/2006