at this point you might be thinking that I'm paranoid with web security
but I found out that it's a good practice to block undesired HTTP Methods on Apache, in order to avoid some threats and increase the security of your server.
All you gotta do is:
1. open the httpd.conf file
2. load the rewrite module adding this line:
Código: Seleccionar todo
LoadModule rewrite_module modules/mod_rewrite.so
Código: Seleccionar todo
RewriteEngine On
Código: Seleccionar todo
RewriteCond %{REQUEST_METHOD} ^(PUT|PATCH|DELETE|COPY|HEAD|LINK|UNLINK|PURGE|LOCK|UNLOCK|PROPFIND|VIEW|TRACE|TRACK|OPTIONS)
RewriteRule .* - [F]
Now you can go to Postman (software that allows you to send some HTTP requests and test your applications) and try to send any of these methods, it will return a 403 - Forbidden Error.
and that's it!