How to resolve “POST to /wp-admin/post.php not supported” error in WordPress
Sometimes while posting in WordPress blog software, users encounter the following error and fail to submit the new post or edited post.
Method Not Implemented POST to /wp-admin/post.php not supported.
Apache/2.2.0 (XenOS) Server at techpulp.com Port 80
This error is due to mod_security which is enabled on your Apache server. The mod_security helps protect your website and is called Open Source Web Application Firewall. It comes with a big set of rules against which each server request is matched to detect any hacker trying to compromise your website. In a way mod_security is very good to have it enabled as a security measure. but if any data transfer with your Web application like WordPress or any other matched with the rules of mod_security, you will find undesired results. Some of such problems are failing to post, failing to upload a file in WordPress.
The mod_security module checks the content of your post or the uploading file to match its rules. If it finds a match it will reject the request and you will see a log message in error.log similar to the following:
[Sun Feb 01 14:52:00 2009] [error] [client 127.0.0.1] ModSecurity: Access denied with code 501 (phase 2). Pattern match "(?:\b(?: \.(?:ht(?:access|passwd|group)|www_?acl)|global\.asa|httpd\.conf|boot\.ini) \b|\/etc\/)" at ARGS:content. [file "/etc/httpd/modsecurity.d /modsecurity_crs_40_generic_attacks.conf"] [line "114"] [id "950005"] [msg "Remote File Access Attempt"] [data "/etc/"] [severity "CRITICAL"] [tag "WEB_ATTACK/FILE_INJECTION"] [hostname "techpulp.com"] [uri "/wp-admin /post.php"] [unique_id "SYVpuH8AAAEAAAmySxIAAAAE"]
You have two choices if you encounter such problems.
- Disable mod_security completely (not recommended)
- Disable mod_security temporarily and repeat your failed attempt of posting or uploading in WordPress and then enable mod_security back.
If you have direct access to the server, you can disable the mod_security by commenting out following line in “/etc/httpd/conf.d/mod_security.conf” file.
#LoadModule security2_module modules/mod_security2.so #LoadModule unique_id_module modules/mod_unique_id.so
If you don’t have access to Apache server configuration, you raise request with the web hosting service provider to do it for you.
about 3 years ago
I noticed this error once. The most annoying part of this problem occurs when you press the Publish button and you tend to lose whatever you have typed as part of the post. The post becomes blank if moved to previous page using Back button in the browser.
about 3 years ago
one possible solution in such scenario is to keep the browser open without pressing back button. Then fix the server problem and press refresh button on the browser window to repeat the previous post request.
about 2 years ago
this is exactly the post I am looking for. thanks.
about 2 years ago
I wrote a bit more about this issue, and suggested how to solve it here:
http://spind.net/2009/05/13/the-mysterious-case-of-the-501-error/
about 1 year ago
Where is admin?!
Thank you