well I misunderstood the meaning of the directive: if I understand Limit is to enforce access control to certain methods (which results in limiting the availability of a method when you apply an access control rule general enough). If you have access control rules open enough you shouldn't have problem with a specific method. From the Apache docs for the current stable version
http://httpd.apache.org/docs/current/mod/core.html#limit "Restrict enclosed access controls to only certain HTTP methods" "Access controls are normally effective for all access methods, and this is the usual desired behavior. In the general case, access control directives should not be placed within a <Limit> section. The purpose of the <Limit> directive is to restrict the effect of the access controls to the nominated HTTP methods. For all other methods, the access restrictions that are enclosed in the <Limit> bracket will have no effect. The following example applies the access control only to the methods POST, PUT, and DELETE, leaving all other methods unprotected" -- Massimo On 05/17/2013 10:01 AM, Massimo Manghi wrote: > actually <Limit > should ...limit the availability to a set of methods > in the hypothesis they are available and enabled in a larger set. Did > you test DELETE with PHP? > > -- Massimo > > On 05/17/2013 09:55 AM, Georgios Petasis wrote: >> I tried with this: >> >> <Directory /opt/WebServices> >> DirectoryIndex index.html index.htm index.shtml index.cgi index.tcl >> index.rvt >> >> AllowOverride None >> Order allow,deny >> Allow from all >> Require all granted >> # Require method GET HEAD POST PUT DELETE OPTIONS TRACE >> <Limit GET POST PUT DELETE> >> Order allow,deny >> Allow from all >> </Limit> >> <IfModule mod_security2.c> >> SecRuleInheritance Off >> </IfModule> >> </Directory> >> >> Again, 405 Method Not Allowed. GET, POST, PUT work as usual. >> >> George >> > > -- -- Massimo Manghi Dipartimento di Neuroscienze Unità di Biofisica e Fisica Sanitaria via Volturno 39 43125 Parma --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
