The PUT method allows an attacker to upload arbitrary web pages on the server. If the server is configured to support scripts like ASP or PHP, it will allow the attacker to execute code with the privileges of the web server.
The DELETE method allows an attacker to delete arbitrary content from the web server.
Currently I am using IIS 8.0. & hosting multiple applications on it.
How to disable the PUT and/or DELETE method in the web server configuration ?
Thanks in advance...