Forum Discussion
2 Replies
Sort By
something like
when HTTP_REQUEST { if { ( [HTTP::method] equals "OPTIONS" ) } { TCP::close } }
would do the trick.
though i would question if this really is a vulnerability and not some pen test report remark that you could challenge. it can of course also be solved on the webserver, but simply turning it off.
- muhammadsaleemcNimbostratus
But pen test person is saying that this is not resolving this issue. How to challenge them.