Hello,
On Thu, Feb 11, 2016 at 10:56 PM, Toomas Aas <toomas.aas@xxxxxxxxxxx> wrote:
>
> Approach 1:
> -------------------------------------
> RewriteCond %{REQUEST_METHOD} OPTIONS
> RewriteRule .* - [R=405,L]
> -------------------------------------
You also need to set:
RewriteOptions AllowAnyURI
for this to work.
But since this option could open some dangerous doors (see [1]), I
also suggest to use something like:
RewriteRule ^[^/] - [R=403,L]
just after "Approach 1" above, so to deny any URI not starting with '/'.
Regards,
Yann.
[1] http://httpd.apache.org/docs/2.2/mod/mod_rewrite.html#rewriteoptions
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx