Disable HTTP Options on RabbitMQ

169 views
Skip to first unread message

Dion Debono

unread,
Aug 16, 2023, 10:05:38 AM8/16/23
to rabbitmq-users
Hi

Our vulnerability scanner is flagging the HTTP OPtions Method Enabled vulnerability on the AMQ server.
AMQ version is 3.11.13.

How can I disable the HTTP OPTIONS?

Thanks

kjnilsson

unread,
Aug 16, 2023, 10:11:20 AM8/16/23
to rabbitmq-users
Does the documentation help?

Dion Debono

unread,
Aug 18, 2023, 3:10:33 AM8/18/23
to rabbitmq-users

Thanks for your feedback
I will test this out but the documentation specifies the frame options.  I am not sure  if that is the same as HTTP OPTIONS.

Marcial Rosales

unread,
Aug 21, 2023, 5:27:52 AM8/21/23
to rabbitmq-users
So far it is not possible to disable this method. Can you share which information is considered as as "vulnerable"? Thru this method RabbitMQ shares various fields. Are all of them vulnerable? Could it be an alternative to exclude some fields not entire OPTIONS method?
Reply all
Reply to author
Forward
0 new messages