with

  1. Marks-Man

    Tutorials Blocking HEAD, DELETE, etc. with lighttpd

    Limiting by $HTTP["request-method"] works a treat. Unfortunately when you use url.access-deny lighttpd sets the status code and headers as a fixed thing (403 status), regardless of if you try to add header before or after. End result:
Top