Why does SlickStack block PUT and DELETE requests in Nginx
- This topic is empty.
-
AuthorPosts
-
BruceGuest
This has come up a few times so I thought we should have a forum thread for better SEO visibility… if you are using WordPress and Nginx and wondering why certain requests are result in 405 errors such as PUT, DELETE, PATCH etc…
https://github.com/littlebizzy/slickstack/issues/116
It’s because these are disallowed by default in modern servers for the most part, even if you’re not using SlickStack with Nginx.
ZacharyGuestThe immediate reaction from some “full stack” devs might be omg, WordPress is so annoying, or SlickStack is not working properly!
This isn’t the case… it’s usually that they are using unsafe/old-fashioned requests in their WordPress plugin or whatever application having problems….
RobertGuestThe truth is WordPress is pretty awesome here, because using the REST API you can send nearly anything using safer POST requests:
https://gridpane.com/kb/making-nginx-accept-put-delete-and-patch-verbs/
And then using query strings, you can generate pseudo-requests to accomplish things that are not typically included in POST requests, but can be with WordPress.
Example:
POST /wp-json/wp/v2/posts/42?_method=DELETE
MichelleGuestIf you review that article from GridPane they also provide a free “hack” you can add to your Nginx using a small
.conf
file to redirect non-POST requests as needed.But for SlickStack we don’t plan on adding this by default because it’s really just patching poorly coded plugins, etc.
The better solution is to fix the code in question to leverage the REST API better.
JesseGuestMore reading on this
RichardGuestAnd then using query strings, you can generate pseudo-requests to accomplish things that are not typically included in POST requests, but can be with WordPress.
Any properly coded WordPress plugin should be doing this via REST API.
If your plugin is not doing this, hacking your Nginx to accept non-POST requests is just decreasing security and avoiding a long-term solution.
-
AuthorPosts