Adobe Experience Manager Sites & More

Swapnil_S · 3/31/22

The HTTP methods TRACE and/or TRACK are enabled in the AEM Cloud similar to the GET, PUT and POST HTTP methods.

Trace and track are for server debugging and I want to avoid any exposure to the internet.

Any inputs on disabling HTTP methods TRACE and/or Track for AEM cloud service would be appreciated. Thanks all!

Jörg_Hoh · 4/3/22

You can explicitly disable it in your dispatcher configuration (see https://httpd.apache.org/docs/2.4/mod/core.html#limit)

View solution in original post

Jörg_Hoh · 4/3/22

You can explicitly disable it in your dispatcher configuration (see https://httpd.apache.org/docs/2.4/mod/core.html#limit)

kailasnadhu90 · 7/7/22

Getting below error:
Apache configuration uses non-allowlisted directives:
conf.d/available_vhosts/XYZ.vhost:47: <Limit>

Jörg_Hoh · 7/13/22

IIRC the use of this configuration statement should be flagged by the dispatcher validation tool. In case it is, please raise a support ticket to ask if this statement could be allowed.

Adobe Experience Manager Sites & More

Disable HTTP methods TRACE and/or TRACK for AEM Cloud Service.

Learn

Documentation

Community

Support

Resources

Adobe account

Adobe