There can be a case when you want to restrict any request methods for your website. Restrict in the sense you don’t want user to perform that action. Different Request methods available are as below:
- GET
- POST
- TRACE
- TRACK
- OPTIONS
- HEAD
So now we all know that most used Request Methods are [code]GET[/code] and [code]POST[/code] and in your application you needs only these two methods available in that case you can disable rest of the Request Methods just by placing a single line of code in [code].htaccess[/code] file.
After placing below code in htaccess file, user will get Forbidden Error when user has initiated a restricted Request Methods.
Now let’s see how to achieve this.
[cc lang=”apache”]
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|OPTIONS|HEAD)
RewriteRule .* – [F]
[/cc]
So after placing this code your application will show forbidden error for the TRACE, TRACK, OPTIONS and HEAD Request Methods.
Hope you enjoyed this small trick for your website. Subscribe to our RSS Feed via Email for more Htaccess Tricks.
[…] There can be a case when you want to restrict any request methods for your website. Restrict in the sense you don’t want user to perform that action. PHP Read the original post on DZone… […]
[…] Namun hal ini dapat kita lakukan tindakan pencegahan dengan melindungi file wp-config.php lewat htaccess dengan menambahkan perintah berikut<Files wp-config.php> order allow,deny deny from all […]