I have a sever with Linux and Apache latest version. I noticed that if I send a POST with data to any address on the site this is accepted even if there is not a specific PHP script that can handle it. I think it’s normal. But how can I prevent this? I know that some sites (Ebay) complete the post before returning an error (imagine if the post includes a large file, server bandwidth consumption is guaranteed).
How can you prevent a POST from running upstream of a php script or any other script? Do you have to work on the Apache server or in the .htaccess?
2
Answers
I’m not sure but I think your should set your response headers to tell your browser what your end point accepts…
I’m just spit balling, I had gotten this from the CORS specifications.If it doesn’t work then it’s probably because this header has to be in response to an OPTIONS request instead.
If this does work, please tell me.
You would have to block the request before it reaches PHP. I’m not sure about the
header()
method, but restricting access from .htaccess seems a safer option.