如何禁用http的delete put trace 方法

1、Apache在httpd.conf添加如下配置:

<Location "/">
   AllowMethods GET POST
</Location>

参考:https://httpd.apache.org/docs/2.4/mod/mod_allowmethods.html

2、Nginx在nginx.conf中进行如下设置

if ($request_method !~ ^(GET|HEAD|POST)$ ) {
return 403;
}

You may also like...

发表评论

电子邮件地址不会被公开。 必填项已用*标注