Why does my web server software disallow PUT and DELETE requests?

by

Often web servers will be configured to block anything except GET and POST since
99% of the time they’re all that are needed and there have been problems in the
past with applications assuming the requests were one of those two.

You don’t say which server it is but, for example, you can tell Apache which
methods to allow with the directive:

eg:

<Limit POST PUT DELETE>
  Require valid-user
</Limit>

It sounds like maybe some helpful sysadmin has used this to block non GET/POST

You could try an .htaccess with

<Limit GET POST PUT DELETE>
  Allow from all
</Limit>

(I’m not an expert at apache, this may not be exactly correct)

More Related Contents:

  1. What is the difference between POST and PUT in HTTP?
  2. Is an entity body allowed for an HTTP DELETE request?
  3. REST HTTP status codes for failed validation or invalid duplicate
  4. URL matrix parameters vs. query parameters
  5. Which status code should I use for failed validations or invalid duplicates?
  6. Detecting the character encoding of an HTTP POST request
  7. Proper REST response for empty table?
  8. Content-Length header with HEAD requests?
  9. Which HTTP methods match up to which CRUD methods?
  10. HTTP status code for a partial successful request
  11. What is the difference between HTTP and REST?
  12. Doing a HTTP PUT from a browser
  13. REST response code for invalid data
  14. Custom HTTP Authorization Header
  15. RESTful Alternatives to DELETE Request Body
  16. Payloads of HTTP Request Methods
  17. REST, HTTP DELETE and parameters
  18. Can I stream a file upload to S3 without a content-length header?
  19. Should I use PATCH or PUT in my REST API?
  20. Is REST DELETE really idempotent?
  21. How can I deal with HTTP GET query string length limitations and still want to be RESTful?
  22. What is the proper HTTP response to send for requests that require SSL/TLS
  23. What exactly is RESTful programming?
  24. What is idempotency in HTTP methods?
  25. Is there a practical HTTP Header length limit?
  26. Why do I need to use http.StripPrefix to access my static files?
  27. What is httpinterceptor equivalent in angular2?
  28. Best way to support “application/x-www-form-urlencoded” post data with WCF?
  29. What is a safe maximum length a segment in a URL path should be?
  30. Go http.Get, concurrency, and “Connection reset by peer”

Leave a Comment