Apache > HTTP Server > Documentation > Version 2.4 > Modules

Apache Module mod_allowmethods

Available Languages:  en  |  fr 

Description:Easily restrict what HTTP methods can be used on the server
Module Identifier:allowmethods_module
Source File:mod_allowmethods.c


This module makes it easy to restrict what HTTP methods can used on an server. The most common configuration would be:

<Location />
   AllowMethods GET POST OPTIONS


AllowMethods Directive

Description:Restrict access to the listed HTTP methods
Syntax:AllowMethods reset|HTTP-method [HTTP-method]...
Default:AllowMethods reset

The HTTP-methods are case sensitive, and are generally as per RFC given in upper case. The GET and HEAD methods are treated as equivalent. The reset keyword can be used turn off mod_allowmethods in a deeper nested context:

<Location /svn>
   AllowMethods reset


The TRACE method can not be denied by this module, use TraceEnable instead.

mod_allowmethods was written to replace the rather kludgy implementation of Limit and LimitExcept.

Available Languages:  en  |  fr 


This is not a Q&A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed again by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Freenode, or sent to our mailing lists.