-
Notifications
You must be signed in to change notification settings - Fork 4.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
AH01623: client method denied by server configuration: 'PUT' #5632
Comments
@phamhung77 can you confirm that this is a clean WordPress install with no additional plugins/themes? |
I do have some other plugins. However, when I switched to classic editor, I can create pages just fine. So, it should be something wrong in Gutenberg. |
@phamhung77 it could still be a conflict with Gutenberg and something that's installed on your instance. Can you confirm your WordPress version and any installed themes/plugins? In parallel, would you be able to test on a clean WordPress + Gutenberg install to see if you still get the same error? Any additional details you can provide will help in our triage of the issue... thanks! |
Fine, as you wished :) A fresh WordPress installation with no plugin, only Gutenberg, and Twenty Seventeen theme. The same problem
|
Thanks for the bug report, @phamhung77! I think I have a fix for this, could I get you to test #5741? If you don't have a development environment setup, you can also test with Gutenberg 2.4, by copy/pasting this function and hook into your install. |
Thanks for the patch. It seems to fix the PUT error message, but still including security warning like above. |
Thanks for the feedback, @phamhung77. You should disable that security rule, as it's trying to protect against an issue that was fixed in WordPress 4.7.2. |
No, I don't think that I would like to disable the rule, because it's only appearing when using Gutenberg. That means somewhere in the Gutenberg code contains the problem, not WordPress itself. |
@phamhung77: That's up to you, but there's no way for Gutenberg or WordPress to work around this: any application that tries to send a valid REST request that violates this rule will fail, this isn't a Gutenberg bug, Gutenberg just exposed the overly broad rule by virtue of being the first Core WordPress feature that makes significant use of the REST API. Cloudflare have have to make similar changes to their security rules, any WAF that uses a rule this one will need to change. |
I'm in contact with Comodo directly to updated their WAF rules, there's nothing else we can do from here. |
I posted on WP forum a week ago, but no one answers.
[Thu Mar 15 11:17:40.299034 2018] [allowmethods:error] [pid 23959:tid 140642478888704] [client my-ip-address:2809] AH01623: client method denied by server configuration: 'PUT' to /home/username/domains/my-domain/public_html/wp-json, referer: http://my-domain/wp-admin/post-new.php?post_type=page
With version 2.4.0, still get the same error when creating a new page then save.
The text was updated successfully, but these errors were encountered: