How to set almost any web application to read-only

Sometimes you may want to be able to “switch off” a web application for particular reasons, e.g. spam flooding or abuse of a REST service, while still allowing information retrieval.

Most web applications like WordPress, MediaWiki or other web 2.0 applications follow RFC 7231, where GET is defined as the primary method for information retrieval (RFC 7231, 4.3.1). Elsewhere it is defined that GET SHOULD NOT be used for changing information (deleting, writing).

Just put something like this in your Apache config (in VirtualHost):

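    # deny everything but GET (Apache treats HEAD as covered by GET)
    <Location />
        <LimitExcept GET>
            # Apache 2.2 syntax; Apache 2.4 needs mod_access_compat for this,
            # or use "Require all denied" instead
            Deny from all
        </LimitExcept>
    </Location>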
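Why the config uses `<LimitExcept>` (an allowlist) rather than `<Limit>` (a denylist), shown as an added example that is not part of the original post: a small checker that reports which methods a snippet still lets through. It is a simplified model that ignores section scope and merging; the function names, `KNOWN` list and the denylist variant are constructed for this illustration.

```python
import re

# Method names Apache's documentation lists for <Limit>; HEAD is covered by GET.
KNOWN = set("GET HEAD POST PUT DELETE CONNECT OPTIONS PATCH PROPFIND "
            "PROPPATCH MKCOL COPY MOVE LOCK UNLOCK".split())
READ_ONLY = {"GET", "HEAD"}
BLOCK = re.compile(r"<(LimitExcept|Limit)\s+([^>]+)>(.*?)</\1>", re.I | re.S)
DENY = re.compile(r"^\s*(Deny\s+from\s+all|Require\s+all\s+denied)\s*$", re.I | re.M)

def denied_methods(conf):
    """Return the KNOWN methods denied by Limit/LimitExcept blocks in conf."""
    conf = re.sub(r"(?m)^\s*#.*$", "", conf)    # drop comment lines
    denied = set()
    for kind, names, body in BLOCK.findall(conf):
        if not DENY.search(body):
            continue                             # block contains no deny rule
        listed = {n.upper() for n in names.split()}
        if "GET" in listed:
            listed.add("HEAD")                   # Apache ties HEAD to GET
        if kind.lower() == "limitexcept":
            denied |= KNOWN - listed             # allowlist: all others denied
        else:
            denied |= KNOWN & listed             # denylist: only named ones
    return denied

def unrestricted_methods(conf):
    """Methods other than GET/HEAD that the snippet does not deny."""
    return sorted(KNOWN - READ_ONLY - denied_methods(conf))

# The configuration from the post (allowlist).
PAGE_CONF = """
<Location />
    <LimitExcept GET>
        Deny from all
    </LimitExcept>
</Location>
"""

# Constructed counter-example: the same section written as a denylist.
DENYLIST_CONF = (PAGE_CONF.replace("LimitExcept GET", "Limit POST PUT DELETE")
                          .replace("/LimitExcept", "/Limit"))

if __name__ == "__main__":
    print("LimitExcept GET leaves open:", unrestricted_methods(PAGE_CONF))
    print("Limit POST PUT DELETE leaves open:", unrestricted_methods(DENYLIST_CONF))
```

The denylist variant still passes PATCH and the WebDAV methods to whatever handler accepts them, which is why the allowlist form is the one to use for a read-only switch.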

 

private server

My private server is hosted at a small company in Munich. This server is currently running FreeBSD 11.0-RELEASE and has around 15 jails running on it, most of them Apache web servers with PHP application servers running some websites or blogs like this one, and some other jails for major internet services like DNS, mail, proxy server, shell server and some internal infrastructure jails (MySQL, SSL/ACME management, Git, …)