get the complete client's request headers

raven74 · May 31, 2009

Is there any way of getting the complete client's request headers including the first line?

I want to ban users from sending TRACE, TRACK etc request headers to my site. I know this can be done in apache but I don't have permission to modify those files.

For example write in terminal:

telnet mysite.com 80

TRACE / HTTP/1.0

The above sends a TRACE header to the server that I would like to ban.

Can this be done with PHP?

anupamsaha · May 31, 2009

Is there any way of getting the complete client's request headers including the first line?

I want to ban users from sending TRACE, TRACK etc request headers to my site. I know this can be done in apache but I don't have permission to modify those files.

For example write in terminal:
telnet mysite.com 80

TRACE / HTTP/1.0
The above sends a TRACE header to the server that I would like to ban.

Can this be done with PHP?

You can easily do it through .htaccess file in the root.

Please read:

http://www.askapache.com/htaccess/apache-htaccess.html

http://corz.org/serv/tricks/htaccess2.php

raven74 · May 31, 2009

I use mod_rewrite for other things but it won't work for REQUEST_METHOD. I tried putting this code in the root of my site but it won't work.

RewriteEngine On
RewriteCond %{REQUEST_METHOD} ^TRACE
RewriteRule .* - [F]

roopurt18 · May 31, 2009

Take a look at this page and the comments:

http://www.php.net/manual/en/function.apache-request-headers.php

They might steer you in the right direction.

Sign In

get the complete client's request headers

Recommended Posts

raven74

Link to comment

Share on other sites

anupamsaha

Link to comment

Share on other sites

raven74

Link to comment

Share on other sites

roopurt18

Link to comment

Share on other sites

Archived

Browse

Activity

Important Information