[
https://issues.jboss.org/browse/WFLY-4610?page=com.atlassian.jira.plugin....
]
Darran Lofthouse commented on WFLY-4610:
----------------------------------------
FYI this is not a support portal, this is the issue tracking tool to track bug reports and
feature requests against our projects.
To receive official support you would require a JBoss EAP subscription which will also
give you access to raise support cases through the customer portal provided you use EAP:
-
https://developers.redhat.com/products/eap/overview/
Alternatively we provide forums that can be used for the community to discuss issues they
are experiencing and assist each other.
http://wildfly.org/gethelp/
Disable HTTP TRACE method by default on https
---------------------------------------------
Key: WFLY-4610
URL:
https://issues.jboss.org/browse/WFLY-4610
Project: WildFly
Issue Type: Bug
Components: Web (Undertow)
Reporter: Dan Hooper
Assignee: Stuart Douglas
A vulnerability scan tool found that the HTTP TRACE method is enabled on our wildfly
server. I could not find any information about disabling TRACE on wildfly. Previous
versions of JBOSS had disabled TRACE by default.
The problem seems to only exist when using HTTPS.
I have linked to a stack overflow post about this topic.
http://stackoverflow.com/questions/28568730/how-to-disable-trace-track-ht...
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)