Unfortunately, service resolution does not take the HTTP method into consideration, so requests for a method not allowed to a web API will not fail over to the catch-all. I do something similar to what Doyle suggests and enable all methods for non-SOAP services, then return a method not allowed error for methods that are not handled.
While I think Edward's solution would also work, I would avoid it because it would add overhead to all services and increase load on the database (also, I try to avoid surfacing access to the database within the gateway, as not all of my policy developers are administrators).