If mod_proxy is commented out but you are using php5. Tried putting this statement http.allowed_methods = GET & POST into /*/php.ini But it had no effect? The best solution was to add an location declarative with a LimitExcept. The location in the httpd-conf where to place this is very important.
First find this in the conf file
#
# Each directory to which Apache has access, can be configured with respect
# to which services and features are allowed and/or disabled in that
# directory (and its subdirectories).
#
# First, we configure the "default" to be a very restrictive set of
# permissions for directories.
#
<Directory />
Options FollowSymLinks
AllowOverride None
Order allow,deny
Deny from all
</Directory>
Then add the following right after it and restart apache to activate.
# Second, we configure the "default" Location to restrict the methods
allowed
# to stop CONNECT method attacks.
#
<Location />
<LimitExcept GET POST>
Order allow,deny
Deny from all
</LimitExcept>
</Location>
All CONNECT requests from this point on will get a status code of 403
Forbidden for both perl and php CONNECT attacks.