Home/ Questions/Q 8882881
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-14T20:41:05+00:00

I have been looking around for ways to deny all HTTP methods but POST.

  • 0

I have been looking around for ways to deny all HTTP methods but POST. Yes i realize this might not prevent much but i would like to make it work. I came across a way to deny all but post using the .htaccess file:

RewriteEngine On
RewriteCond %{REQUEST_METHOD} !^POST
RewriteRule ^.*$ /home/user/public_html/folder/bad_request.php

Now in my iphone app i have the following code which POST’s data to the website:

NSString *post_length = [NSString stringWithFormat:@"%d",[post_data length]];
NSMutableURLRequest *request = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:@"http://folder.domain.com/"]];
[request setHTTPMethod:@"POST"];
[request setValue:post_length forHTTPHeaderField:@"Content-Length"];
[request setValue:@"application/x-www-form-urlencoded" forHTTPHeaderField:@"Content-Type"];
[request setHTTPBody:post_data];

When i run this code with my current .htaccess as shown above i get the bad_request page as if i wasnt POSTing data but if i change the .htaccess rule to !^GET i can visit it in the browser and gain access but when i post with the iPhone code i get denied…so that works backwards. Does anyone have an idea why it wont work?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Ok so after trying with no success i finally decided to incorporate a portion of your suggested .htaccess code along with some .php. I have the .htaccess file get the request method and send it to the index.php, the index.php file then says if its == ‘POST’ do something else do something else and it works.

    .htaccess

    RewriteEngine On
RewriteRule ^(.*) index.php?request=%{REQUEST_METHOD} [L,QSA]

    index.php

    if ($_GET['request'] == 'POST') {

} else {

}
    • 0