Dangerous HTTP methods are allowed in SharePoint

Hi All,

We are checking internet exposed SharePoint portal from a vulnerability assessment tool for security issues. The tool reports HTTP method TRACE is enabled and also POST PUT DELETE CONNECT are allowed. 

we are thinking of disabling this with a URL scan http://learn.iis.net/page.aspx/473/using-urlscan

Will this be ok to do in SharePoint 2013? Are there any other impact?

February 9th, 2015 9:05am

I'm pretty sure that'll kill a lot of behaviour.

Do you have an experienced Pen testing expert to help you read the results and understand the implications?

Why is this in the search forum?

Free Windows Admin Tool Kit Click here and download it now
February 9th, 2015 9:19am
will move this to correct forum.
February 10th, 2015 1:49am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics