Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Not Acceptable - 406

Discussion in 'General Discussion' started by JZM, Jul 27, 2011.

  1. JZM

    JZM Member

    Aug 17, 2007
    Likes Received:
    Trophy Points:
    How could I fix this issue?

    Not Acceptable

    An appropriate representation of the requested resource / could not be found on this server.
    HTTP/1.1 406 Not Acceptable
    Content-Length: 381
    Keep-Alive: timeout=5, max=97
    Connection: Keep-Alive
    Content-Type: text/html; charset=iso-8859-1
    Message: Access denied with code 406 (phase 2). Pattern match "\b(?:(?:s(?:ys(?:(?:(?:process|tabl)e|filegroup|object)s|c(?:o(?:nstraint|lumn)s|at)|dba|ibm)|ubstr(?:ing)?)|user_(?:(?:(?:constrain|objec)t|tab(?:_column|le)|ind_column|user)s|password|group)|a(?:tt(?:rel|typ)id|ll_objects)|object_(?:(?:nam|typ)e|id)| ..." at REQUEST_HEADERS:Cookie. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "88"] [id "959904"] [msg "Blind SQL Injection Attack"] [data "user_password"] [severity "CRITICAL"] [tag "WEB_ATTACK/SQL_INJECTION"]
    Apache-Error: [file "core.c"] [line 3543] [level 3] File does not exist: /home/careerid/public_html/406.shtml
    Action: Intercepted (phase 2)
    Stopwatch: 1311745252061144 8317 (7330 8020 -)
    Producer: ModSecurity for Apache/2.5.13 ([url=]ModSecurity: Open Source Web Application Firewall[/url]).
    Server: Apache
  2. Infopro

    Infopro cPanel Sr. Product Evangelist Staff Member

    May 20, 2003
    Likes Received:
    Trophy Points:
    cPanel Access Level:
    Root Administrator
    When mod security stops something from happening, its logged, and shows a file to the end user called 406.shtml, you don't have one though.

    You can create error pages from within cPanel > Advanced section > Error Pages > Show All HTTP Error Status Codes tab.

    The ID for the rule that was tripped is: id "959904" as seen in that message. You can edit your rules as you see fit if this rule is blocking something on your website that you'd like to have working but doesn't due to this. Problem with that is, editing the ruleset disables that rule for the entire server.

    Here's a great tool that allows you to disable a rule for just one site on the server, instead if you're interested:
    ConfigServer ModSecurity Control
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice