2010/8/9 Morgan <firstname.lastname@example.org>
How to do this under the apache win 32 + php? I'm just beginning to comprehend the science ...
Something like the following should force all requests to use the GET, HEAD or POST HTTP methods. You may need to add / subtract methods based on your application's needs.
SecRule REQUEST_METHOD "!^(GET|HEAD|POST)$" "phase:1,t:none,deny"