Our webserver is reported as allowing the TRACE HTTP METHOD which isn't a recommended setting for a secure environment. Does anyone know how to disable the thing in IIS 6 ? I have found an article on Microsoft's site that points to a registry key however this doesn't seem to work.
Click
here
for Microsoft link.
Also tried the web.config file, this didn't work.
Thanks in advance.
Wayne
FYI To find out what HTTP METHODS a weberver has, do the following;
1. Telnet to the webserver on Port 80
2. (without the qoutes) type "OPTIONS / HTTP/1.1" press enter
3. (without the qoutes) type "Host:
website address" press enter
4. may need to press enter again.
website address = a fully qulified domain name of the website
Cheers
