Apache HTTP Server Version 2.4
Description: | Easily restrict what HTTP methods can be used on the server |
---|---|
Status: | Experimental |
Module Identifier: | allowmethods_module |
Source File: | mod_allowmethods.c |
This module makes it easy to restrict what HTTP methods can used on an server. The most common configuration would be:
<Location "/"> AllowMethods GET POST OPTIONS </Location>
Description: | Restrict access to the listed HTTP methods |
---|---|
Syntax: | AllowMethods reset|HTTP-method
[HTTP-method]... |
Default: | AllowMethods reset |
Context: | directory |
Status: | Experimental |
Module: | mod_allowmethods |
The HTTP-methods are case sensitive, and are generally as per
RFC given in upper case. The GET and HEAD methods are treated as
equivalent. The reset
keyword can be used
turn off mod_allowmethods
in a deeper nested context:
<Location "/svn"> AllowMethods reset </Location>
The TRACE method can not be denied by this module,
use TraceEnable
instead.
mod_allowmethods
was written to replace the rather
kludgy implementation of Limit
and
LimitExcept
.