Sfdwhf

What to do when being responsible for data protection in your lab, yet advice is ignored?

Avoiding morning and evening handshakes

How to add multiple differently colored borders around a node?

Which aircraft had such a luxurious-looking navigator's station?

Quenching swords in dragon blood; why?

A Wacky, Wacky Chessboard (That Makes No Sense)

Where is this triangular-shaped space station from?

Proof by Induction - New to proofs

Word to be used for "standing with your toes pointing out"

Why zero tolerance on nudity in space?

raspberry pi change directory (cd) command not working with USB drive

How do Japanese speakers determine the implied topic when none has been mentioned?

Can chords be played on the flute?

Eww, those bytes are gross

How much time does it take for a broken magnet to recover its poles?

Predict mars robot position

Why is commutativity optional in multiplication for rings?

Wanted: 5.25 floppy to usb adapter

Sometimes a banana is just a banana

If all harmonics are generated by plucking, how does a guitar string produce a pure frequency sound?

Is divide-by-zero a security vulnerability?

What's the rationale behind the objections to these measures against human trafficking?

How to satisfy a player character's curiosity about another player character?

What is the purpose of easy combat scenarios that don't need resource expenditure?

where to add code for disabling OPTIONS method in apache

Setting path for apacheApache 2.4 for Production Environmentadd X-Robots-Tag to apache configI want to enable Apache in serving files from eSATA . ubuntu 14.04. Home serverAm I using correctly Options directive on Apache?I'm getting this “You should replace this file (located at /var/www/html/index.html)” after update to v14.4 ubuntuPHP Code is not running on my Apache serverPHP code not showing on Apache 2.4Disabling LetsEncrypt on ApacheWhere should I put the Apache headers?

0

a web application security assessment recommends me to disable OPTIONS method on the webserver

im running Apache/2.2.22(ubuntu)

The solution i found so far was to add this certain code.

RewriteEngine on

RewriteCond %{THE_REQUEST} !^(POST|GET) /.* HTTP/1.1$

RewriteRule .* - [F]

im quite confused where to add this specific code, i have 3 .conf on my /etc/apache2

• apache2.conf


• httpd.conf


• ports.conf

do i just add the snippet anywhere inside the .conf file?

---

[edit]

after adding the config on my apache2.conf OR httpd.conf im getting this error when i try to restart

Invalid command 'RewriteCond', perhaps misspelled or defined by a module not included in the server configuration

Action 'configtest' failed.



The Apache error log may have more information.

   ...fail!

---

[edit2]

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">

<html><head>

<title>301 Moved Permanently</title>

</head><body>

<h1>Moved Permanently</h1>

<p>The document has moved <a href="http://192.168.5.1/web/">here</a>.</p>

<hr>

<address>Apache/2.2.22 (Ubuntu) Server at 192.168.5.1 Port 80</address>

</body></html>

server apache2

share|improve this question

edited Dec 12 '13 at 7:18

user1666411

asked Dec 12 '13 at 6:42

user1666411user1666411

23139

bumped to the homepage by Community♦ 8 mins ago

This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Are you using virtual hosts for your sites?
  
  – Rahil Wazir
  Dec 12 '13 at 6:47
  
  
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  no. i just access my website by 'IP/website'
  
  – user1666411
  Dec 12 '13 at 6:53
  

  
  
  
  

add a comment | 

0

a web application security assessment recommends me to disable OPTIONS method on the webserver

im running Apache/2.2.22(ubuntu)

The solution i found so far was to add this certain code.

RewriteEngine on

RewriteCond %{THE_REQUEST} !^(POST|GET) /.* HTTP/1.1$

RewriteRule .* - [F]

im quite confused where to add this specific code, i have 3 .conf on my /etc/apache2

• apache2.conf


• httpd.conf


• ports.conf

do i just add the snippet anywhere inside the .conf file?

---

[edit]

after adding the config on my apache2.conf OR httpd.conf im getting this error when i try to restart

Invalid command 'RewriteCond', perhaps misspelled or defined by a module not included in the server configuration

Action 'configtest' failed.



The Apache error log may have more information.

   ...fail!

---

[edit2]

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">

<html><head>

<title>301 Moved Permanently</title>

</head><body>

<h1>Moved Permanently</h1>

<p>The document has moved <a href="http://192.168.5.1/web/">here</a>.</p>

<hr>

<address>Apache/2.2.22 (Ubuntu) Server at 192.168.5.1 Port 80</address>

</body></html>

server apache2

share|improve this question

edited Dec 12 '13 at 7:18

user1666411

asked Dec 12 '13 at 6:42

user1666411user1666411

23139

bumped to the homepage by Community♦ 8 mins ago

This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Are you using virtual hosts for your sites?
  
  – Rahil Wazir
  Dec 12 '13 at 6:47
  
  
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  no. i just access my website by 'IP/website'
  
  – user1666411
  Dec 12 '13 at 6:53
  

  
  
  
  

add a comment | 

a web application security assessment recommends me to disable OPTIONS method on the webserver

im running Apache/2.2.22(ubuntu)

The solution i found so far was to add this certain code.

RewriteEngine on

RewriteCond %{THE_REQUEST} !^(POST|GET) /.* HTTP/1.1$

RewriteRule .* - [F]

im quite confused where to add this specific code, i have 3 .conf on my /etc/apache2

• apache2.conf


• httpd.conf


• ports.conf

do i just add the snippet anywhere inside the .conf file?

---

[edit]

after adding the config on my apache2.conf OR httpd.conf im getting this error when i try to restart

Invalid command 'RewriteCond', perhaps misspelled or defined by a module not included in the server configuration

Action 'configtest' failed.



The Apache error log may have more information.

   ...fail!

---

[edit2]

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">

<html><head>

<title>301 Moved Permanently</title>

</head><body>

<h1>Moved Permanently</h1>

<p>The document has moved <a href="http://192.168.5.1/web/">here</a>.</p>

<hr>

<address>Apache/2.2.22 (Ubuntu) Server at 192.168.5.1 Port 80</address>

</body></html>

server apache2

share|improve this question

edited Dec 12 '13 at 7:18

user1666411

asked Dec 12 '13 at 6:42

user1666411user1666411

23139

RewriteEngine on

RewriteCond %{THE_REQUEST} !^(POST|GET) /.* HTTP/1.1$

RewriteRule .* - [F]

Invalid command 'RewriteCond', perhaps misspelled or defined by a module not included in the server configuration

Action 'configtest' failed.



The Apache error log may have more information.

   ...fail!

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">

<html><head>

<title>301 Moved Permanently</title>

</head><body>

<h1>Moved Permanently</h1>

<p>The document has moved <a href="http://192.168.5.1/web/">here</a>.</p>

<hr>

<address>Apache/2.2.22 (Ubuntu) Server at 192.168.5.1 Port 80</address>

</body></html>

share|improve this question

edited Dec 12 '13 at 7:18

user1666411

asked Dec 12 '13 at 6:42

user1666411user1666411

23139

share|improve this question

edited Dec 12 '13 at 7:18

user1666411

asked Dec 12 '13 at 6:42

user1666411user1666411

23139

asked Dec 12 '13 at 6:42

user1666411user1666411

23139

asked Dec 12 '13 at 6:42

user1666411user1666411

23139

1 Answer
1

active

oldest

votes

0

If you have configured vhosts for your site you can add inside your required vhosts. If not you can simply add to httpd.conf if not exists add to apache2.conf file.

share|improve this answer

edited Dec 12 '13 at 7:13

answered Dec 12 '13 at 6:54

Rahil WazirRahil Wazir

16938

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  ok, so after i add the code. how do i check if its implemented? or how do i check if the code is working?
  
  – user1666411
  Dec 12 '13 at 6:58
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  You can make request using curl to your website like PUT DELETE they will surely give 403 Forbidden except for POST, GET.
  
  – Rahil Wazir
  Dec 12 '13 at 7:01
  
  
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  hi, can you check my edit above? i seem to be getting some kind of error when i try to add the code and restart the server.
  
  – user1666411
  Dec 12 '13 at 7:07
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Try to add in apache2.conf and where you have pasted the code? Please add code to the last line of document. It seems working here.
  
  – Rahil Wazir
  Dec 12 '13 at 7:10
  
  
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  sorry i didn't know that i need to enable rewrite first. it accepts the code. now im getting 301 Moved Permanently
  
  – user1666411
  Dec 12 '13 at 7:43
  

  
  
  
  

 | 
show 2 more comments

Your Answer

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "89"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name

Email

Required, but never shown

StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f389611%2fwhere-to-add-code-for-disabling-options-method-in-apache%23new-answer', 'question_page');
}
);

Post as a guest

Name

Email

Required, but never shown

0

If you have configured vhosts for your site you can add inside your required vhosts. If not you can simply add to httpd.conf if not exists add to apache2.conf file.

share|improve this answer

edited Dec 12 '13 at 7:13

answered Dec 12 '13 at 6:54

Rahil WazirRahil Wazir

16938

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  ok, so after i add the code. how do i check if its implemented? or how do i check if the code is working?
  
  – user1666411
  Dec 12 '13 at 6:58
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  You can make request using curl to your website like PUT DELETE they will surely give 403 Forbidden except for POST, GET.
  
  – Rahil Wazir
  Dec 12 '13 at 7:01
  
  
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  hi, can you check my edit above? i seem to be getting some kind of error when i try to add the code and restart the server.
  
  – user1666411
  Dec 12 '13 at 7:07
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Try to add in apache2.conf and where you have pasted the code? Please add code to the last line of document. It seems working here.
  
  – Rahil Wazir
  Dec 12 '13 at 7:10
  
  
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  sorry i didn't know that i need to enable rewrite first. it accepts the code. now im getting 301 Moved Permanently
  
  – user1666411
  Dec 12 '13 at 7:43
  

  
  
  
  

 | 
show 2 more comments

0

If you have configured vhosts for your site you can add inside your required vhosts. If not you can simply add to httpd.conf if not exists add to apache2.conf file.

share|improve this answer

edited Dec 12 '13 at 7:13

answered Dec 12 '13 at 6:54

Rahil WazirRahil Wazir

16938

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  ok, so after i add the code. how do i check if its implemented? or how do i check if the code is working?
  
  – user1666411
  Dec 12 '13 at 6:58
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  You can make request using curl to your website like PUT DELETE they will surely give 403 Forbidden except for POST, GET.
  
  – Rahil Wazir
  Dec 12 '13 at 7:01
  
  
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  hi, can you check my edit above? i seem to be getting some kind of error when i try to add the code and restart the server.
  
  – user1666411
  Dec 12 '13 at 7:07
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Try to add in apache2.conf and where you have pasted the code? Please add code to the last line of document. It seems working here.
  
  – Rahil Wazir
  Dec 12 '13 at 7:10
  
  
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  sorry i didn't know that i need to enable rewrite first. it accepts the code. now im getting 301 Moved Permanently
  
  – user1666411
  Dec 12 '13 at 7:43
  

  
  
  
  

 | 
show 2 more comments

If you have configured vhosts for your site you can add inside your required vhosts. If not you can simply add to httpd.conf if not exists add to apache2.conf file.

share|improve this answer

edited Dec 12 '13 at 7:13

answered Dec 12 '13 at 6:54

Rahil WazirRahil Wazir

16938

share|improve this answer

edited Dec 12 '13 at 7:13

answered Dec 12 '13 at 6:54

Rahil WazirRahil Wazir

16938

answered Dec 12 '13 at 6:54

Rahil WazirRahil Wazir

16938

answered Dec 12 '13 at 6:54

Rahil WazirRahil Wazir

16938