How to disable HTTP trace option for WAF/Web Server in UTM 9.603-1

 Update: The following KBA has been published to help outline these steps:

• Sophos UTM: How to disable HTTP trace option for WAF/Web Server

 Hi Peter Collins,

I found this was disabled by default on my LAB UTM that is running latest firmware so I had to enable it to provide you the steps to disable it. 

Steps to disable HTTP trace on UTM are as followed:

You have to get SSH access fist of all and than run these commands:

cc

127.0.0.1 MAIN > reverse_proxy

127.0.0.1 MAIN reverse_proxy > trace_enabled$
1
127.0.0.1 MAIN reverse_proxy/trace_enabled (BOOL) > =0
result: 1
0

PS: Please type exit to exit from the CC.

127.0.0.1 MAIN reverse_proxy/trace_enabled (BOOL) > exit

Note: Making any change to the reverse_proxy configuration will restart the service so if it is production environment, please do it during after hours. 

Thanks,

Thanks for providing the answer!

I prefer to do this at the command line instead of using the interactive mode of cc where it's easier to make a mistake.

cc set reverse_proxy trace_enabled 0

Confirm with:

cc get reverse_proxy trace_enabled 

Cheers - Bob
PS Please add an exit command in your answer so that the user quits interactive cc.  Also, request the author of the KBA to do the same.

Hi BAlfson, 

Thank you for noticing it. I was the initial author of the KB Article. I will send an email to KBA team to update the KB Article.

Thanks,

Hi BAlfson, 

Thank you for noticing it. I was the initial author of the KB Article. I will send an email to KBA team to update the KB Article.

Thanks,