diff --git a/wfe/web-front-end.go b/wfe/web-front-end.go
index 874fbc72e..e09984437 100644
--- a/wfe/web-front-end.go
+++ b/wfe/web-front-end.go
@@ -171,16 +171,14 @@ func (wfe *WebFrontEndImpl) HandleFunc(mux *http.ServeMux, pattern string, h fun
 		}
 		response.Header().Set("Access-Control-Allow-Origin", "*")
 
-		switch request.Method {
-		case "HEAD":
+		// Return a bodyless response to HEAD for any resource that allows GET.
+		if _, ok := methodsOK["GET"]; ok && request.Method == "HEAD" {
 			// We'll be sending an error anyway, but we
 			// should still comply with HTTP spec by not
 			// sending a body.
 			response = BodylessResponseWriter{response}
 			h(response, request)
 			return
-		case "OPTIONS":
-			// TODO, #469
 		}
 
 		if _, ok := methodsOK[request.Method]; !ok {
diff --git a/wfe/web-front-end_test.go b/wfe/web-front-end_test.go
index 94a64ced6..a41435011 100644
--- a/wfe/web-front-end_test.go
+++ b/wfe/web-front-end_test.go
@@ -310,6 +310,13 @@ func TestHandleFunc(t *testing.T) {
 	runWrappedHandler(&http.Request{Method: "HEAD"}, "GET", "POST")
 	test.AssertEquals(t, stubCalled, true)
 	test.AssertEquals(t, rw.Body.String(), "")
+
+	// HEAD doesn't work with POST-only endpoints
+	runWrappedHandler(&http.Request{Method: "HEAD"}, "POST")
+	test.AssertEquals(t, stubCalled, false)
+	test.AssertEquals(t, rw.Header().Get("Content-Type"), "application/problem+json")
+	test.AssertEquals(t, rw.Body.String(), `{"type":"urn:acme:error:malformed","detail":"Method not allowed"}`)
+	test.AssertEquals(t, rw.Header().Get("Allow"), "POST")
 }
 
 func TestStandardHeaders(t *testing.T) {