HTTP 405 Method Not Allowed

Overview

The HTTP 405 Method Not Allowed status code indicates that the request method is known by the server but is not supported by the target resource. This response is accompanied by an Allow header that provides a list of valid methods for the requested resource.

Purpose

The HTTP 405 response is used to inform the client that the HTTP method used in the request is not permitted for the requested resource, even though it may be valid.

Usage

Client Behavior:

  1. Send Request: The client sends an HTTP request using a method not supported by the resource (e.g., PUT on a read-only resource).
  2. Receive Response: The client receives the HTTP 405 status code, indicating that the method is not allowed.

Server Behavior:

  1. Evaluate Request Method: The server determines that the request method is not supported for the requested resource.
  2. Send Response: The server sends a 405 Method Not Allowed response, usually with an Allow header listing the valid methods.

Scenarios

  • Unsupported Methods: When the client uses an HTTP method not supported by the resource (e.g., DELETE on a static page).
  • API Endpoint Restrictions: API endpoints restricting certain methods for specific resources.

Sequence Diagram

Illustrating the process for an HTTP 405 response:

sequenceDiagram
    participant Client
    participant Server as Web Server

    Note over Client: Client attempts an unsupported method
    Client->>Server: PUT /read-only-resource HTTP/1.1
    Note over Server: Server identifies method as not allowed
    Server->>Client: HTTP/1.1 405 Method Not Allowed
    Server->>Client: Allow: GET, HEAD

Curl Request and Response Example

Attempting an unsupported method using Curl:

curl -i -X PUT http://example.com/read-only-resource
# Expected response: HTTP/1.1 405 Method Not Allowed
# Allow: GET, HEAD

PHP cURL Request and Response Example

PHP script using cURL to handle a 405 Method Not Allowed response:

<?php
$ch = curl_init('http://example.com/read-only-resource');
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'PUT');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($ch);
if (curl_getinfo($ch, CURLINFO_HTTP_CODE) == 405) {
    echo "Method not allowed. Allowed methods: " . curl_getinfo($ch, CURLINFO_HEADER_OUT);
}
curl_close($ch);
?>

Python Request and Response Example

Python script to send an unsupported request method and handle a 405 Method Not Allowed response:

import requests
response = requests.put('http://example.com/read-only-resource')
if response.status_code == 405:
    print("Method not allowed. Allowed methods:", response.headers['Allow'])

Apache Configuration for HTTP 405 Method Not Allowed

Configuring Apache to restrict certain methods for resources:

<VirtualHost *:80>
    ServerName example.com
    <Location "/read-only-resource">
        <LimitExcept GET HEAD>
            Require all denied
        </LimitExcept>
    </Location>
</VirtualHost>

NGINX Configuration for HTTP 405 Method Not Allowed

Setting up NGINX to specify allowed methods for a resource:

server {
    listen 80;
    server_name example.com;
    location /read-only-resource {
        limit_except GET HEAD {
            deny all;
        }
    }
}

HTTP 404 Not Found HTTP 406 Not Acceptable

 

Free Weekly

Newsletter

Join my weekly newsletter for the latest in tech! You'll get neat coding tricks, trend updates, career advice, SaaS reviews, crypto, bitcoin, and financial tips. All straight to your inbox, designed to keep you ahead.

All tactics. No fluff. Action takers Only 🚀

© 2024 Orhan Doğan
Privacy PolicyTerms of UseContact