Issue with Nginx and Apache when DELETE and PUT requests

Hope this will help to someone with same issue.

I had an issue with DELETE and PUT requests.
Finally it turned out that following server configuration: Nginx as proxy for Apache in background will cause this problem. It is related to Nginx configuration settings.
my OJS is on shared hosting and I have no access to Nginx settings as so. Nginx is returning 403 status on DELETE and PUT requests, but serves without problem the GET and POST.

Idea for solution came from the this stackoverflow question

Solution (workaround) is to code the requests with POST for DELETE and PUT, and use “Slimframework”'s override the HTTP request method by using X-Http-Method-Override.

Suggestion for developers, please consider this in your coding.

1 Like

Hi @ssalavat,

Have you worked out the changes to OJS in detail? If so, could you open a pull request to the github repository (or repositories), linking back to this posting in the description?

Alec Smecher
Public Knowledge Project Team

Sorry for probably silly question: to which branch I should create pull request?

Hi @ssalavat,

See if your changes will apply cleanly to master; that’s the best place for new code to go. If not, then submit to the stable branch matching your version (e.g. stable-3_2_0 for 3.2.0-x).

Alec Smecher
Public Knowledge Project Team

Hi @asmecher,

I have created pull request in ui-library part.

1 Like


I think i am having this problem with an OJS 3.2.0-3 site hosted on InfinityFree since i get the following response headers when trying to edit a journal (weird thing is i can not only create but delete journals as well)


  1. Request URL: …/index.php/larevista/api/v1/contexts/4
  2. Request Method: PUT
  3. Status Code: 403 Forbidden
  4. Remote Address:
  5. Referrer Policy: no-referrer-when-downgrade

Response headers

  1. Cache-Control: public, proxy-revalidate, public, proxy-revalidate
  2. Connection: keep-alive
  3. Content-Encoding: gzip
  4. Content-Type: text/html
  5. Date: Mon, 22 Jun 2020 04:14:39 GMT
  6. Last-Modified: Mon, 22 Jun 2020 03:49:34 GMT
  7. Server: nginx
  8. Transfer-Encoding: chunked
  9. Vary: Accept-Encoding

Console output:

jquery.min.js?v= PUT …/index.php/larevista/api/v1/contexts/4 403 (Forbidden)

Is the idea to include the workaround with the next version? would an update to 3.2.1 fix this?

Thanks in advance!

I do not know if it will be included in 3.2.1, probably @asmecher will have this info.
The suggested workaround has been merged at master branch to my knowledge.

If need to overcome this in, I can help you to apply the workaround.

@ssalavat i would really appreciate the help with the workaround, thanks in advance!