Block POST requests on websites using .htaccess

Block POST requests on websites using .htaccess

That block will only prevent POST requests from hosts other than, and you will get a 403 Forbidden response:

# allow the server to POST to itself
RewriteCond %{REMOTE_ADDR} !

# allow POST from trusted users
RewriteCond %{REMOTE_ADDR} !123.456.789.123

# send all other post requests to 403 forbidden
RewriteRule ^ / [F]
If you would prefer to send post request to the home page of your site instead replace [F] in the last line with [R,L]
You’d replace the / with where your “home page” is if it isn’t just /.


# deny all POST requests
<IfModule mod_rewrite.c>
RewriteRule .* – [F,L]

Leave a Reply

Your email address will not be published. Required fields are marked *

three × 2 =

This site uses Akismet to reduce spam. Learn how your comment data is processed.