0
nine
144d

PUT method works in dev but not in prod for code ignitor. Stuck on this one from a week. Someone HELP 必

(Checked htaccess and PUT is enabled)

Comments
  • 0
  • 0
    @synemeup does not work :(
  • 1
    Do you really think that "does not work" is enough of a problem description to get useful help?
  • 1
    @Fast-Nop *The problem persists.
  • 3
    @nine Indeed, it does - and I don't mean the "put" problem.
  • 0
    Is your Prod and Dev environment the same?

    Because you seem to keep having environment specific issues.
  • 0
    Ensure the web server for prod isn't "security hardened" in Nginx it's possible to explicitly allow only GET and POST as the methods - that would leave out PUT. It is a common security practice. Also, prod could have the PHP short tags disabled ... this often breaks things.
  • 1
    @C0D4 The environments are different but I am not able to figure out where specifically to look at. I did check .htaccess and it does have PUT method enabled.
  • 1
    @theKarlisK I checked and the short tags are enabled. I am not really sure about the "security hardened" thing because of lack of experience
  • 0
    @nine if you add a file outside of CI and grab the input with php://input does it grab the PUT data?

    Ensure the new file is in the same directory as the .htaccess
  • 1
    @C0D4 The PUT method would not work to grab input. But if I use POST for the same, it will work.
  • 0
    @nine security hardened implies that oppose to default settings, commonly abused or unsafe settings/features are disabled or blocked such as disabling Directory Browsing (today disabled by default everywhere) or running web and php as any other (unprivileged) user but root. As well as specifically disabling anything that won't be used.

    What webserver is running? Apache, Nginx, Caddy?
  • 0
    @theKarlisK that’s new inforfor me. Thanks!

    The web server runs on Apache
  • 0
    @nine
    do you have access to the httpd.conf file in /etc/httpd
    or apache.conf in /etc/apache/

    you might find the block is in the appropriate .conf file or files for the virtualhosts or even ssl.conf depending on how things have been setup.

    there is unfortunately several places you could utilise to block a http method in apache.
Add Comment