Dez 07

Joomla 405 – HTTP verb used to access this page is not allowed on IIS (Internet Information Services)

Tag: Tipps und TricksTorsten @ 22:18

This topic is not really .NET. But since a colleague of mine spent a lot of time trying to get this special configuration to work I will also share my solution with you, as it might help:

He was getting the following server error inside Joomla when trying to delete a page inside the CMS:
405 – HTTP verb used to access this page is not allowed.
The page you are looking for cannot be displayed because an invalid method (HTTP verb) was used to attempt access.

By default IIS will not allow PUT or DELETE for security reasons (which is wise in my opinion)

You can get around it, here’s what you need to do:

  1. Do NOT install the WebDAV Publishing feature for IIS in the ServerManager, as it would cause conflicts (it intercepts verbs before they get to your module/handler).
    Screenshot: ServerManager IIS8
  2. If you can’t live without WebDAV on your IIS Server (i.e. used by another site) you can still install it and then remove it specifically under modules for your site.
    Screenshot: IIS8 Manager Modules
  3. Then under Handler Mappings, Add Module Mapping… add a PHP mapping to your Web Site (or the global IIS server setting). If a mapping for PHP already exists edit the existing one.
    Screenshot: IIS Manager Module Mappings
    You will notice that I use the DOS file/path notation instead of the full path with spaces and quotation marks. The reason is that the IIS Manager regularly strips away quotation marks giving you an error each time you try to update this entry. With the DOS notation the path remains valid.
  4. Click on Request Restrictions and add PUT and DELETE under the Verbs tab.
    Screenshot:IIS Manager - Request Restrictions
  5. You could restart the IIS instance just to be on the safe side.
  6. You are now able to upload and delete content inside Joomja / Gantry5 on your IIS. 🙂

 

Instead of removing the WebDAV in the IIS configuration via Internet Information Services (IIS) Manager you could also rig a web.config file to remove the module and handler mapping for you:

<?xml version="1.0"?>
<configuration>
  <system.webServer>
    <modules>
      <remove name="WebDAVModule"/>
    </modules>
    <handlers>
      <remove name="WebDAV" />
    </handlers>
  </system.webServer>
</configuration>

See also PUT/POST/DELETE Verb Errors On Site

You would have to unlock specific sections to allow you to do that, i.e. via elevated command prompt
appcmd.exe unlock config /section:system.webserver/modules
appcmd.exe unlock config /section:system.webserver/handlers

But this would would make your IIS a little less secure as the content of your site could override primary features. Therefore I would recommend the approach via IIS Manager.