raven74 Posted May 31, 2009 Share Posted May 31, 2009 Is there any way of getting the complete client's request headers including the first line? I want to ban users from sending TRACE, TRACK etc request headers to my site. I know this can be done in apache but I don't have permission to modify those files. For example write in terminal: telnet mysite.com 80 TRACE / HTTP/1.0 The above sends a TRACE header to the server that I would like to ban. Can this be done with PHP? Quote Link to comment Share on other sites More sharing options...
anupamsaha Posted May 31, 2009 Share Posted May 31, 2009 Is there any way of getting the complete client's request headers including the first line? I want to ban users from sending TRACE, TRACK etc request headers to my site. I know this can be done in apache but I don't have permission to modify those files. For example write in terminal: telnet mysite.com 80 TRACE / HTTP/1.0 The above sends a TRACE header to the server that I would like to ban. Can this be done with PHP? You can easily do it through .htaccess file in the root. Please read: http://www.askapache.com/htaccess/apache-htaccess.html http://corz.org/serv/tricks/htaccess2.php Quote Link to comment Share on other sites More sharing options...
raven74 Posted May 31, 2009 Author Share Posted May 31, 2009 I use mod_rewrite for other things but it won't work for REQUEST_METHOD. I tried putting this code in the root of my site but it won't work. RewriteEngine On RewriteCond %{REQUEST_METHOD} ^TRACE RewriteRule .* - [F] Quote Link to comment Share on other sites More sharing options...
roopurt18 Posted May 31, 2009 Share Posted May 31, 2009 Take a look at this page and the comments: http://www.php.net/manual/en/function.apache-request-headers.php They might steer you in the right direction. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.