My security team communicated that we are vulnerable to "Apache HTTP TRACE / TRACK Methods Allowed" issue, How to fix it? What is Apache TRACE and TRACK methods TRACE and TRACK are two HTTP methods used to debug web applications. These methods could be leveraged by malicious users to perform Cross-site Tracing attacks which are used to bypass authentication token protections. Disabling the TRACE and TRACK methods Add the line "TraceEnable off" if not already present to the httpd … [Read more...] about How to disallow or disable HTTP TRACE and TRACK requests in httpd (Apache)