So I have lighttpd installed and the site it runs only needs to respond to GET
requests.
I was wondering how I can return 405 responses with Allow: GET
headers to anything but GET
requests using lighttpd?
I've had a quick google but even the lighttpd doesn't turn up anything solid.
Update
Limiting by $HTTP["request-method"]
works a treat.
Unfortunately when you use url.access-deny
lighttpd sets the status code and headers as a fixed thing (403 status), regardless of if you try to add header before or after.
End result:
$HTTP["request-method"] =~ "^(PUT|HEAD|PATCH|DELETE)$" {
url.access-deny = ( "" )
}
Best Answer
Since version 1.4.19, you can filter on
request-method
: