documentation.HELP! Apache Server 2.4 Documentation

mod_allowmethods - Apache HTTP Server Version 2.4

Apache Server 2.4

previous page next page

Modules | Directives | FAQ | Glossary | Sitemap

Apache HTTP Server Version 2.4

Apache > HTTP Server > Documentation > Version 2.4 > Modules

Apache Module mod_allowmethods

Description:	Easily restrict what HTTP methods can be used on the server
Status:	Experimental
Module Identifier:	allowmethods_module
Source File:	mod_allowmethods.c

Summary

This module makes it easy to restrict what HTTP methods can be used on a server. The most common configuration would be:

<Location "/">
   AllowMethods GET POST OPTIONS
</Location>

AllowMethods Directive

Description:	Restrict access to the listed HTTP methods
Syntax:	AllowMethods reset|HTTP-method [HTTP-method]...
Default:	AllowMethods reset
Context:	directory
Status:	Experimental
Module:	mod_allowmethods

The HTTP-methods are case sensitive and are generally, as per RFC, given in upper case. The GET and HEAD methods are treated as equivalent. The reset keyword can be used to turn off mod_allowmethods in a deeper nested context:

<Location "/svn">
   AllowMethods reset
</Location>

Caution

The TRACE method cannot be denied by this module; use TraceEnable instead.

mod_allowmethods was written to replace the rather kludgy implementation of Limit and LimitExcept.

Copyright 2017 The Apache Software Foundation.
Licensed under the Apache License, Version 2.0.

Modules | Directives | FAQ | Glossary | Sitemap

previous page start next page

Get in touch

Submit feedback about this site to:

• [email protected]