How to disable the Trace/Track Methods on IIS 5.0

Question

User-314194920 posted

Hello,

I wonder if there is any way to disable the Trace Method on IIS 5 without using the URL SCAN?

My Server Specs:

O.S: Windows Sever 2000

IIS: 5.0

Thanks!

Sandro Roussenq de Sá

Answer 1

User-460007017 posted

Hi sandroroussenq,

I'm afraid it is not available to achieve this in IIS 5. In IIS 7 and above version we could achieve this by adding the trace method to request filter deny verb. In IIS5, URL scan should be the only way to achieve this. Considering IIS5 is expired, it is recommended to update the OS to use IIS 7 and above version.  I'd like to know why don't you use the URL scan.

https://docs.microsoft.com/en-us/iis/configuration/system.webServer/security/requestFiltering/verbs/

Best Regards,

Yuk Ding

Answer 2

User690216013 posted

sandroroussenq

I wonder if there is any way to disable the Trace Method on IIS 5 without using the URL SCAN?

If you intend to disable trace method for security, then please dump Windows 2000 and IIS 5 totally. That's really the biggest security issue you should handle.

Like the Microsoft engineer suggested, upgrade to a supported Windows release (like Windows Server 2016).

Without that further discussion would be meaningless.

Answer 3

User-314194920 posted

Hello Yuk Ding,

Thank you so much for your reply!

Best Regards,

Sandro Sá

Answer 4

User-314194920 posted

Hello lextm,

Thank you so much for your reply!

Best Regards,

Sandro Sá