I ended up figuring this out and I thought I would respond to my original
message to let anyone know who stumbles on this what the problem was.
Apache does not want to send arbitrary HTTP request methods to regular
files. Sending a "DELETE" or "PUT" to a regular file in a document root
will end up with a "405 Method not allowed", even if the method is "Allow"d
(e.g. "Allow from all"... We're kind of overloading the term "Allowed"
here!). That is, unless you're using dav/dav_fs, which isn't what I'm
trying to do here. If the document being processed is a script, like PHP,
Apache is normally willing to forward the request to the file with the
REQUEST_METHOD populated.
The issue comes down to how Apache integrates with PHP. In my case, under
Ubuntu 12.04, there were two packages:
libapache2-mod-php5 and libapache2-mod-php5filter
I had accidentally installed the "libapache2-mod-php5filter" package, which
integrates with Apache using the following lines:
SetInputFilter PHP
SetOutputFilter PHP
These functions are specifically geared toward GET (Output) & POST (Input)
operations and don't instruct Apache to pass all request methods to PHP.
For all other request methods, Apache treats the .php file as a standard
file. I uninstalled libapache2-mod-php5filter and installed
libapache2-mod-php5, which integrates with:
<FilesMatch "\.ph(p3?|tml)$">
SetHandler application/x-httpd-php
</FilesMatch>
The SetHandler accepts all request methods, including the PUT & DELETE I
was trying to get working. Hope this helps someone out there.
On Thu, Aug 23, 2012 at 1:59 PM, Scott Bigelow <eph...@gmail.com> wrote:
> I am having an issue with Apache/2.2.22 on Ubuntu 12.04, migrating service
> from an older system, Apache/2.2.3 on CentOS. We make use of PHP to serve
> RESTful requests, but I do not believe this is a PHP issue, since the issue
> is present even when not calling a PHP script.
>
> On the old server, it will accept any HTTP Method (specifically, PUT and
> DELETE are desired).
>
> On the new server, I cannot get it to recognize any method other than GET,
> POST, OPTIONS, and HEADER. Here is my very simple block:
>
> <Directory "/var/www">
> Options FollowSymLinks
> AllowOverride None
> Order allow,deny
> allow from all
> <Limit DELETE GET>
> Order allow,deny
> Allow from all
> </Limit>
> </Directory>
>
> Even with this stanza, "curl -X DELETE URL" returns a "405 Method not
> allowed". When I change "Allow from all" to "Deny from all" in the
> <Limit>, it returns a 403 instead, so I know the block is effective for
> this request. Is there some other part of Apache which is preventing the
> DELETE method? Thanks for taking the time to read through my issue,
> -Scott
