So i will tryi to updated with some tips on securing apache as I stumbel over them.
This will be the first one in not so many I hope (Apache will be secure )
I always scan my servers every month with Openvas as one of my PCI-DSS task. And this week I locking down my Apache servers.
Add this in you vhost file ore in the welcome.conf file and rerun you scan.
TraceEnable off
RewriteEngine On
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F]