Avoid using "PUT" or "DELETE" HTTP methods

[DanReyLop]

Originally discussed in woocommerce/woocommerce#23155

The WooCommerce REST API uses all the HTTP verbs (GET, POST, PUT, DELETE). Also, we've found (props @dechov for the find) that WooCommerce Admin is already relying on some PUT REST endpoints. Here, for example.

In WooCommerce Services, we've had user reports in the past regarding endpoints like those. An apache2 server, with mod_security configured with the most popular set of settings, will forbid any PUT or DELETE HTTP requests to hit the server at all.

Here's the issue, with more context: Automattic/woocommerce-services#930

Gutenberg fixed the same issue here: WordPress/gutenberg#4396 and here: WordPress/gutenberg#5741

Basically, the fix is to change all PUT requests that com from the client to POST requests with a X-HTTP-Method-Override: PUT HTTP header, or a _method=PUT querystring arg. Same with DELETE or PATCH requests.

[DanReyLop]

Upon further investigation, you're using @wordpress/api-fetch in the client, which ends up including this middleware: https://github.com/WordPress/gutenberg/blob/d9768ad4294ffc08bed68459d342fa746f63aea4/packages/api-fetch/src/middlewares/http-v1.js

So, by virtue of using Gutenberg, this issue doesn't apply to you. Sorry for the noise :)