mod_allowmethods Easily restrict what HTTP methods can be used on the server Experimental mod_allowmethods.c allowmethods_module

This module makes it easy to restrict what HTTP methods can used on an server. The most common configuration would be:

<Location "/"> AllowMethods GET POST OPTIONS </Location> AllowMethods Restrict access to the listed HTTP methods AllowMethods reset|HTTP-method [HTTP-method]... AllowMethods reset directory Experimental

The HTTP-methods are case sensitive, and are generally as per RFC given in upper case. The GET and HEAD methods are treated as equivalent. The reset keyword can be used turn off mod_allowmethods in a deeper nested context:

<Location "/svn"> AllowMethods reset </Location> Caution

The TRACE method can not be denied by this module, use TraceEnable instead.

mod_allowmethods was written to replace the rather kludgy implementation of Limit and LimitExcept.