Reputation: 528
Only Allow POST Requests and Deny all other REQUEST_METHOD using .htaccess
I have some email PHP Scripts which I do not want the user to have a look by a GET, but I am using it to send as an email, using wufoo's webHook if anyone knows about it, so it uses POST so I just want POST Requests to be allowed otherwise, 403 or 404 how do I do that?
I tried some answers given on SO and browsed documentation of apache web server, the best answer I found was this:
RewriteEngine On
RewriteCond %{REQUEST_METHOD} !=GET
RewriteRule ^.*$ /path/to
But I suppose this should be written in the directory where I have PHP Script, I just want use one .htaccess in root.
Folder Structure :
public_html (would want to use this folders .htaccess only)
-- email
-- mail.php (ONLY POST)
I know we can use REQUEST_METHOD in mail.php directly but I don't want to do that, it is kind of thing which is not related to the script actually.
can anyone provide some help.
Upvotes: 3
Views: 13039
Answers (1)
Reputation: 11117
RewriteEngine On
RewriteCond %{REQUEST_METHOD} !POST
RewriteRule .* - [R=405,L]
Upvotes: 0
Related Questions
- How to block post method on some url in htaccess
- Prevent POST request
- Block HTTP POST request
- Deny post request to specific file types
- Only Allow $_POST and $_GET and Deny All HTACCESS
- Allowing only HTTPS POST requests using .htaccess
- Restrict POST Request The Server
- .htaccess Allow POST method for ONLY cetain IP ranges
- Blocking HTTP POST attacks
- Use htaccess to allow POST, but block browsing PHP files