Home » Linux, Web

Method Not Implemented

12 February 2011 No Comment

Method Not ImplementedLet’s say that you have a CMS (Content Management System) site powered by either WordPress or Joomla. Everything is working as expected. Hooray! So far so good. You can do everything you need to do and then one day, you are not able to submit or edit an article. Oh no! Now what?

You have not made any changes to your site (e.g., you did not make any code changes recently). Everything should have worked. Nothing changed. What have changed?

Something must have changed because your WordPress or Joomla site is not working anymore.

Instead of getting access to your WordPress Administration console, you get an error page with the message below.

501 Method Not Implemented

On Joomla Administration console, you might this error message.

Method Not Implemented
GET to /administrator/index.php not supported.

These error messages are very vague and do not tell you what happened.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
You may also get an error like “get to /index.php not supported.” What is going on here? You didn’t make any changes. It was working one day and the next it stopped working. Very strange…

Yes, it is strange but most likely you or your ISP have made a change to Apache. Have you or your ISP installed mod security? If so, it may break WordPress and Joomla. If you are using a shared hosting plan, then it is most likely caused by your hosting provider.

Modsecurity is an application firewall for your web server. If your application is vulnerable to SQL injection, you would use modsecurity on your Apache web server. The module filters, and optionally rejects, incoming requests based on a number of different criteria like CGI variables, HTTP headers, environment variables, and even individual script parameters.

To fix this issue, you need to turn off modsecurity for your site. If you have access to the Apache configuration, add the following line to the modsecurity.conf file. If not, ask your ISP to make the change.

SecRuleRemoveById XXX

Where XXX is the ID number of your site. After restarting the Apache process, you should be back in business.

Leave your response!

Add your comment below, or trackback from your own site. You can also subscribe to these comments via RSS.

Be nice. Keep it clean. Stay on topic. No spam.

You can use these tags:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

This is a Gravatar-enabled weblog. To get your own globally-recognized-avatar, please register at Gravatar.