In order to improve the security of your site (and your users), you should disable the TRACE method from your web server. This method has no real-life usage and can be misused for XST (cross-site tracing) attacks.

That is how you can disable it on Apache (via .htaccess):

<IfModule mod_rewrite.c>
  RewriteEngine On 
  RewriteRule .* - [F]

These documents explain it in detail:

Sucuri Customers

Note that all CloudProxy users are already protected against it.

If you have any questions, please contact our research team at