Limit Request Methods Using .htaccess

  • Avinash
  • 2
  • Feb 03, 2012
  • Web Server

There can be a case when you want to restrict any request methods for your website. Restrict in the sense you don’t want user to perform that action. Different Request methods available are as below:

  1. GET
  2. POST
  3. TRACE
  4. TRACK
  5. OPTIONS
  6. HEAD

So now we all know that most used Request Methods are GET and POST and in your application you needs only these two methods available in that case you can disable rest of the Request Methods just by placing a single line of code in .htaccess file.

After placing below code in htaccess file, user will get Forbidden Error when user has initiated a restricted Request Methods.

Now let’s see how to achieve this.

RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|OPTIONS|HEAD) RewriteRule .* - [F]
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|OPTIONS|HEAD)
RewriteRule .* - [F]

So after placing this code your application will show forbidden error for the TRACE, TRACK, OPTIONS and HEAD Request Methods.

Hope you enjoyed this small trick for your website. Subscribe to our RSS Feed via Email for more Htaccess Tricks.

Related Posts

Written by Avinash

Avinash Zala is leading various projects which deals with the various technology involved with the web. A combination of perfect technical and management skills. Avinash would like to chat with you and convert your imagination into the working system. You can get in touch with him on Facebook and Twitter.

View all posts by: