TechQA.

How to block sending POST requests from IIS?

93 views Asked by At

I need to block all non-GET requests to a REST API from a web application hosted in an IIS 8.5, just for a few days. My idea is to while we perform some migration tasks, the users will not be able to add, modify or delete any information in the system where we store all the data. Our plan is to block the user from the interface, but also we want to block all POST, PUT and DELETE exiting calls to the API domain.

Is it possible to block sending these headers, while we allow the GETs, from IIS or web.config level?

iis-8
Original Q&A
1

There are 1 answers

2
Jalpa Panchal On

You could try to use request filtering to allow only GET requests and block all other types of HTTP methods and allow others:

web.config:

<system.webServer>
  <security>
    <requestFiltering>
      <verbs allowUnlisted="false">
        <add verb="GET" allowed="true"/> 
      </verbs>
    </requestFiltering>
  </security>
</system.webServer>

Related Questions in IIS-8

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json

Trending Questions