406 not acceptable error on install...

Monday 19 February 2007 11:47:21 am

Hi Wayne

If you google around a bit you can find quite a few pages stating mod_security as the reason for this problem. The recommended solution is to add the following to your .htaccess:

<IfModule mod_security.c>
 SecFilterEngine Off
 SecFilterScanPOST Off
</IfModule>

Please note that I don't know whether doing this is a good idea as I don't have the slightest clue what mod_security is actually doing. On the other hand this htaccess addition was recommended for drupal, joomla, wordpress ... so if you want to use a cms it seems that you have to live with it.

Claudia

Wednesday 09 May 2007 1:45:15 am

check your error log for apache mine was error_log

you should see a mod_security error message

mine was
[Wed May 09 02:30:33 2007] [error] [client 210.209.74.203] mod_security: Access denied with code 406. Pattern match "!(/imp/login\\\\.php)" at HEADER("Referer") [id "300018"] [rev "3"] [msg "Generic PHP code injection protection via ARGS"] [severity "CRITICAL"] [hostname "www.somedomain.com"] [uri "/index.php?option=login"] [unique_id "gnZhgH8AAAEAAEa8QMAAAAAA"]

grepped 300018 in /etc/httpd/conf.d/ the id for the error message

found mod_sec-rules.conf had a matching rule

the rule was "really broad furl_fopen attack sig"

There are two version of this same rule.

Commented out the 1st version.

restarted httpd / apache.

error message no longer appeared.