Using RewriteRule in .htaccess for POST request

I am attempting to lock down a page to only accept POST requests. as part of an RESTful API. I have the following, but it doesn't see开发者_如何学JAVAm to work. Any help would be appreciated.

RewriteCond %{REQUEST_METHOD} POST
RewriteRule ^api/(call1|call2|call3)/?/ http://www.example.com/api/rest_services.php?_call=$1 [L]

You need to invert the condition to just match requests that are not POST:

RewriteCond %{REQUEST_METHOD} !=POST
RewriteRule ^api/(call1|call2|call3)/?/ - [L,R=405]

And then you should also send the 405 status code to tell the client the reason. But the R=405 flag is only available since Apache 2. For Apache 1 you can send those requests to a PHP script that responds with that status code.

I'm not qualified to answer the question about .htaccess, but this is the way I'd rather do it anyway:

<?php

if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    die('some meaningful REST style error here');
}

My mistake. Syntax error on the RewriteRule. Should be the following. Note the $ not /

RewriteRule ^api/(call1|call2|call3)/?$ http://www.example.com/api/rest_services.php?_call=$1 [L]

Use this in conjunction with <Location>:

<Limit GET>
  Deny from all
</Limit>