please see this image:
How can I secure HEAD, OPTIONS, DELETE, PUT, TRACK, CUSTOM on my Apache
I want fix all this issues.
For Apache your looking for the LimitExcept clause.
This gets added to your conf files.
You can get more here: core - Apache HTTP Server Version 2.4
Here is probably a better example: Limiting Access Based on HTTP Methods | Restricting Website Access with Apache 2 | InformIT
If you need an actual snippet of a configuration file with this set let me know but I am probably not on the most current version.
Tahnks I solved with this:
<Location /> Order allow,deny Allow from all <LimitExcept HEAD POST GET> Deny from all </LimitExcept></Location>
Retrieving data ...