How do I resolve intermittent 406 Not Acceptable errors?

Security Security Read Time: 1 Min Write a comment

We use an Apache web server module called mod_security to deny invalid/suspicious requests made to the web server. Occasionally mod_security will deny legitimate requests, sometimes because the referrer URI or hostname contains something mod_security thinks indicates hacking of some kind. Frequently when legitimate requests are blocked, a 406 Not Acceptable error displayed in the visitor's browser. We can make an exception to prevent this from happening, if the 406 error is happening to legitimate visitors requesting proper URLs. In order to create an exception, you'll need to find the mod_security rule id in your error log and then open a support ticket to request that we make an exception for that rule for your site.

To find the rule id, log into your site control panel and click the Error Log icon under the Logs section. Review the error log entries and look for something like this:

[Mon Nov 22 23:34:38 2010] [error] [client 1.2.3.4] ModSecurity: Access denied with code 406 (phase 2). Invalid UTF-8 encoding: invalid byte value in character at ARGS:menutype. [offset "0"] [file "/usr/local/apache/conf/modsec2.user.conf"] [line "26"] [id "950801"] [msg "UTF8 Encoding Abuse Attack Attempt"] [severity "WARNING"] [hostname "sampledomain.com"] [uri "/administrator/index2.php"] [unique_id "TOtSbkPkDsgAACT6R5sAAABJ"]

In the above log entry, "Access denied with code 406" indicates the 406 error was generated, and the [id "950810"] reveals the mod_security rule that was triggered by the request. In this case, we can make an exception for rule id 950801 for your site to prevent this from continuing to be a problem.

Write comments...
or post as a guest
Loading comment... The comment will be refreshed after 00:00.

Be the first to comment.