11.1 Only defined HTTP Request methods are accepted

Verify that the application accepts only a defined set of required HTTP request methods, such as GET and POST are accepted, and unused methods (e.g. TRACE, PUT, and DELETE) are explicitly blocked.

Levels: 1, 2, 3