- 0 minutes to read

HTTP Error 405.0 - Method Not Allowed

Quickly resolve the HTTP Error 405.0 - Method Not Allowed in the Nodinite Web Client and WebAPI. This guide explains why the error occurs and provides actionable steps to fix it, ensuring seamless editing and management of your resources.

✅ Step-by-step solution for 405 errors in Web Client and WebAPI
✅ Remove WebDAV conflicts in IIS for reliable updates and deletes
✅ Diagnose and fix verb restrictions and handler mapping issues
✅ Visual examples and configuration tips for fast troubleshooting

What is HTTP Error 405?

HTTP Error 405.0 - Method Not Allowed occurs when a web server receives a valid HTTP request but the HTTP verb (method) used is not permitted for the requested resource. For example:

  • Attempting to PUT or DELETE when only GET and POST are allowed
  • Sending a POST request to a resource that only accepts GET
  • Using PATCH when the endpoint doesn't support it

In Nodinite Web Client and WebAPI, 405 errors typically occur when:

  • Editing resources (PUT requests) - Updating Monitor Views, Alarm Plugins, or other configuration
  • Deleting resources (DELETE requests) - Removing entities from the system
  • Creating resources (POST requests) - Adding new configurations

Common HTTP Verbs in Nodinite

HTTP Verb Purpose Example in Nodinite
GET Retrieve data Loading Monitor Views, reading logs
POST Create new resource Adding new Alarm Plugin, creating Monitor View
PUT Update existing resource Editing Monitor View configuration
DELETE Remove resource Deleting an Alarm Plugin entry
PATCH Partial update Updating specific fields in a configuration

Diagnosing the Issue

Before applying fixes, identify the root cause of the 405 error:

Step 1: Identify the HTTP Verb

Check which HTTP verb is being blocked. In the browser developer tools (F12):

  1. Open Network tab
  2. Reproduce the error (e.g., click Save on an edited resource)
  3. Look for the failed request (usually red)
  4. Check the Method column - is it PUT, DELETE, POST, or PATCH?
  5. Click the request and view HeadersResponse Headers for more details

Step 2: Check IIS Failed Request Logs

If detailed error information is not visible in the browser:

  1. Open IIS Manager
  2. Navigate to your site (e.g., Default Web Site → Nodinite)
  3. Enable Failed Request Tracing (if not already enabled)
  4. Reproduce the 405 error
  5. Review the trace logs at C:\inetpub\logs\FailedReqLogFiles\

Look for error details like:

ModuleName: WebDAVModule
Notification: EXECUTE_REQUEST_HANDLER
HttpStatus: 405
HttpReason: Method Not Allowed
HttpSubStatus: 0

Step 3: Review Windows Event Viewer

Check for IIS-related errors:

  1. Open Event Viewer (Windows key + R → eventvwr.msc)
  2. Navigate to Windows LogsApplication
  3. Filter for Source: IIS or Source: ASP.NET
  4. Look for warnings or errors matching your timestamp

Information

Most Common Cause: WebDAV Interference

If WebDAV is installed and you receive a 405 error when editing (Update/Delete) resources in the WebAPI or WebClient, follow the solution below. You can apply this fix to the entire Web Site (usually Default Web Site) or to each Nodinite Application within IIS.

Affected Components:

Tip

Quick Fix: In 90% of cases, removing WebDAV from IIS Modules and Handler Mappings resolves 405 errors in Nodinite. See Solution 1: Remove WebDAV below.

Example error message as shown in the WebClient

Unknown error in Web Client
Example: Unknown error message in the Web Client when 405 occurs.

Full error message

WebDAV Module Method Not Allowed error
Example: Full error message from WebDAV module in IIS.

Solutions

Solution 1: Remove WebDAV (Most Common)

Why this fixes 405 errors: WebDAV (Web Distributed Authoring and Versioning) is an IIS module that intercepts PUT, DELETE, and other HTTP verbs to provide file-system-like operations over HTTP. When enabled, it blocks these verbs from reaching your ASP.NET Web API application, causing 405 errors.

Step-by-Step: Remove WebDAV from IIS

Remove WebDAV from Modules and from Handler Mappings in IIS
IIS Home screen
Example: IIS Home screen for module and handler management.

Remove from Modules

Remove WebDAV from Modules
Example: Removing WebDAV from IIS Modules.

  1. Open IIS Manager
  2. Select your site (e.g., Default Web Site) or application (e.g., Nodinite/WebClient)
  3. Double-click Modules
  4. Locate WebDAVModule in the list
  5. Right-click → Remove
  6. Click Yes to confirm

Remove from Handler Mappings

Remove WebDAV from Handler Mappings
Example: Removing WebDAV from IIS Handler Mappings.

  1. In IIS Manager, navigate to the same site/application
  2. Double-click Handler Mappings
  3. Locate WebDAV in the list
  4. Right-click → Remove
  5. Click Yes to confirm

Note

Restart IIS or recycle the Application Pool after this operation:

# Recycle specific application pool
Restart-WebAppPool -Name "NodiniteAppPool"

# Or restart IIS completely
iisreset

Verify web.config Exclusions

The web.config file for WebAPI and WebClient should include the following exclusions:

<system.webServer>
  <modules runAllManagedModulesForAllRequests="true">
    <remove name="WebDAVModule" />
  </modules>
  <handlers>
    <remove name="WebDAV" />
    <remove name="OPTIONSVerbHandler" />
    <remove name="TRACEVerbHandler" />
    <remove name="ExtensionlessUrlHandler-Integrated-4.0" />
    <add name="ExtensionlessUrlHandler-Integrated-4.0" path="*." verb="*" type="System.Web.Handlers.TransferRequestHandler" preCondition="integratedMode,runtimeVersionv4.0" />
    <remove name="BlockViewHandler" />
    <add name="BlockViewHandler" path="*" verb="Views/*" preCondition="integratedMode" type="System.Web.HttpNotFoundHandler" />
  </handlers>
</system.webServer>

Note

The system.webServer example is partial. Your web.config will contain additional sections.

Solution 2: Check Request Filtering

If removing WebDAV doesn't resolve the issue, check IIS Request Filtering settings:

Step 1: Review HTTP Verbs in Request Filtering

  1. Open IIS Manager

  2. Select your Nodinite application

  3. Double-click Request Filtering

  4. Click HTTP Verbs tab

  5. Ensure the following verbs are allowed (not explicitly denied):

    • GET
    • POST
    • PUT
    • DELETE
    • PATCH
    • OPTIONS

Step 2: Verify web.config Request Filtering

Your web.config should not include overly restrictive verb filtering:

<system.webServer>
  <security>
    <requestFiltering>
      <!-- Ensure verbs are not explicitly denied -->
      <verbs allowUnlisted="true">
        <!-- No <remove> or <add verb="..." allowed="false" /> for PUT, DELETE, PATCH -->
      </verbs>
    </requestFiltering>
  </security>
</system.webServer>

Tip

Set allowUnlisted="true" to permit all HTTP verbs by default, then only deny specific verbs if absolutely necessary for security.

Solution 3: Handler Mapping Configuration

If 405 errors persist, verify that the ExtensionlessUrlHandler is configured correctly:

Check Handler Mapping in IIS

  1. Open IIS Manager → Navigate to your Nodinite application

  2. Double-click Handler Mappings

  3. Locate ExtensionlessUrlHandler-Integrated-4.0

  4. Right-click → Edit

  5. Verify Request restrictions:

    • Verbs: Should be empty (all verbs) or explicitly list: GET,POST,PUT,DELETE,PATCH,OPTIONS
    • Access: Script

Example web.config Handler Configuration 

<system.webServer>
  <handlers>
    <remove name="ExtensionlessUrlHandler-Integrated-4.0" />
    <add name="ExtensionlessUrlHandler-Integrated-4.0" 
         path="*." 
         verb="GET,POST,PUT,DELETE,PATCH,OPTIONS,HEAD" 
         type="System.Web.Handlers.TransferRequestHandler" 
         preCondition="integratedMode,runtimeVersionv4.0" />
  </handlers>
</system.webServer>

Solution 4: Application Pool Configuration

Ensure the Application Pool is configured correctly for .NET applications:

Verify Application Pool Settings

  1. Open IIS Manager

  2. Click Application Pools in the left pane

  3. Locate your Nodinite Application Pool (e.g., NodiniteAppPool)

  4. Right-click → Advanced Settings

  5. Verify:

    • .NET CLR Version: v4.0 (or higher)
    • Managed Pipeline Mode: Integrated
    • Enable 32-Bit Applications: False (unless specifically required)
    • Identity: NetworkService or custom service account with appropriate permissions

Recycle Application Pool

After making changes, recycle the Application Pool:

# PowerShell
Restart-WebAppPool -Name "NodiniteAppPool"

Or via IIS Manager:

  1. Right-click the Application Pool → Recycle

Solution 5: CORS and Preflight Requests

If 405 errors occur with OPTIONS requests (CORS preflight), configure CORS in web.config:

<system.webServer>
  <httpProtocol>
    <customHeaders>
      <add name="Access-Control-Allow-Origin" value="*" />
      <add name="Access-Control-Allow-Methods" value="GET,POST,PUT,DELETE,PATCH,OPTIONS" />
      <add name="Access-Control-Allow-Headers" value="Content-Type,Authorization" />
    </customHeaders>
  </httpProtocol>
</system.webServer>

Warning

Using Access-Control-Allow-Origin: * allows requests from any domain. For production, specify exact origins: value="https://yournodiniteserver.com"

Troubleshooting Checklist

Before contacting support, verify:

  • WebDAV removed from IIS Modules and Handler Mappings
  • Application Pool recycled after configuration changes
  • web.config includes WebDAV exclusions (<remove name="WebDAVModule" />)
  • Request Filtering allows PUT, DELETE, PATCH verbs
  • ExtensionlessUrlHandler configured for all required verbs
  • Application Pool in Integrated mode with .NET CLR v4.0+
  • No antivirus/firewall blocking HTTP verbs
  • Failed Request Tracing enabled for detailed diagnostics

Testing Your Fix

After applying solutions, test with PowerShell:

Test PUT Request 

# Replace with your Nodinite WebAPI endpoint
$uri = "https://yourserver/Nodinite/WebAPI/api/monitorviews/1"
$body = @{ Name = "Test" } | ConvertTo-Json
$headers = @{ "Content-Type" = "application/json" }

Invoke-RestMethod -Uri $uri -Method PUT -Body $body -Headers $headers

Test DELETE Request 

$uri = "https://yourserver/Nodinite/WebAPI/api/alarms/123"
Invoke-RestMethod -Uri $uri -Method DELETE

Expected: HTTP 200 OK (or 204 No Content for DELETE)
Error: HTTP 405 indicates the issue persists

Security Considerations

After enabling PUT/DELETE verbs:

  1. Enable Authentication - Require Windows Authentication or API keys for WebAPI
  2. Use HTTPS - Encrypt all traffic to prevent man-in-the-middle attacks
  3. Restrict IP addresses - Use IIS IP Address and Domain Restrictions to limit access
  4. Audit changes - Enable Nodinite audit logging to track modifications

Example web.config security configuration:

<system.webServer>
  <security>
    <requestFiltering>
      <!-- Block potentially dangerous verbs if not needed -->
      <verbs allowUnlisted="true">
        <add verb="TRACE" allowed="false" />
        <add verb="TRACK" allowed="false" />
      </verbs>
    </requestFiltering>
  </security>
</system.webServer>

Still Getting 405 Errors?

If none of the above solutions work:

  1. Check Antivirus/Firewall - Some security software blocks PUT/DELETE requests
  2. Review Reverse Proxy - If using a reverse proxy (nginx, HAProxy), verify it forwards all HTTP verbs
  3. Check Load Balancer - Azure Application Gateway or F5 may filter verbs
  4. IIS Rewrite Rules - Custom URL rewrite rules may interfere with verbs
  5. Check Application Code - Ensure Web API controllers support the HTTP verb: 
    [HttpPut] // Attribute must match the HTTP verb
public IHttpActionResult UpdateMonitorView(int id, MonitorView view)
{
    // Implementation
}

Contact Nodinite Support with:

  • Failed Request Trace logs
  • web.config file (sanitize sensitive data)
  • IIS Module and Handler Mapping screenshots
  • Browser Network tab HAR export (F12 → Network → Right-click → Save as HAR)

Web Client
Web API