HTTP Methods Allowed (per directory)

This script is Copyright (C) 2009-2013 Tenable Network Security, Inc.

Synopsis :

This plugin determines which HTTP methods are allowed on various CGI

Description :

By calling the OPTIONS method, it is possible to determine which HTTP
methods are allowed on each directory.

As this list may be incomplete, the plugin also tests - if 'Thorough
tests' are enabled or 'Enable web applications tests' is set to 'yes'
in the scan policy - various known HTTP methods on each directory and
considers them as unsupported if it receives a response code of 400,
403, 405, or 501.

Note that the plugin output is only informational and does not
necessarily indicate the presence of any security vulnerabilities.

Solution :


Risk factor :


Family: Web Servers

Nessus Plugin ID: 43111 ()

Bugtraq ID:


Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now