Search This Blog

Mar 29, 2011

Wordpress 406 Not acceptable Error

Last time is posted about "504 Gateway Time-out - nginx" error that wordpress team encountered few weeks ago. One of my friends asks me to help her for 406 not acceptable errors every time she hit the register button in site. This problem basically caused by the site webhosting and has nothing to do with the site structure or any clever assumptions that you might think. Specifically this issue is cause by mod-security rule which installed in the server for security purposes.

What it is mod-security?

ModSecurity is an open source web application firewall (WAF) engine for Apache that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. With over 10,000 deployments world-wide, ModSecurity is the most widely deployed WAF in existence.

In order to fix the problem, there are two to choose from. First option is to contact your hosting company and let them fix for it and second one is by setting off the SecFilterEngine in your site htaccess.

To disable it, Please do the following steps:

1. Mod-security issue can be disabled by setting the SecFilterEngine to off. So, first you need to locate your htacess file. If you we’re using wordpress, htacess is usually place on the root directory along with index and other php files.

2. Turn off the SecFilterEngine by adding this code: SecFilterEngine off anywhere in your htaccess file.

3. Save and test your site.

Result: You should no longer get the “Wordpress 406 Not acceptable Error.” error.