Support » How-To and Troubleshooting » 406 Not Acceptable error

406 Not Acceptable error

  • My blog was working fine in IE9, now I get this error:
    <<Not Acceptable
    An appropriate representation of the requested resource /blog/ could not be found on this server.

    Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.>>

    I can’t get into the blog or into admin. I can FTP without a problem. The blog comes up fine in IE8, Firefox. This error started appearing without my making and mods to my WP blog. One minute the blog was working, when I went in later it was not.

    Clearing cache, rebooting makes no diff. Other users complaining of the same problem. I’m trying to find out which browsers they’re using.

    I’ve researched this on the forum, seems there’s an .htaccess fix that doesn’t work in all cases, and that was 3 years ago.

    My hosting service (HostICan/Jumpline) says there’s no problem. (Duh.) I’d appreciate any insight, suggestions (or even a fix!). Thanks very much.

Viewing 12 replies - 1 through 12 (of 12 total)
  • Try switching to the default theme and see if you’re still seeing the same issue. It could be theme-specific.


    Good suggestion — thanks. But that’s not it. I tried Kubrick and Twenty Ten — no dice. They both work in Firefox, but not in IE9. I frankly think my web host did something funky to my (shared) server setup, or another user corrupted something on the server. Because one minute I could access the blog on IE9, the next minute I couldn’t. (The techies at HostICan/Jumpline can’t replicate the problem on their Ubuntu pcs, so their conclusion is, “There is no problem.”

    Just doesn’t sound like a WordPress problem, but I’m not a WP expert by a longshot! That’s why I put it up here, hoping for some insight.


    It’s definitely possible that it’s the host doing something funky.

    disable all plugins too, make sure it’s as basic as possible.

    otherwise, talk to your host, maybe move you to another server.

    I’ve researched this on the forum, seems there’s an .htaccess fix that doesn’t work in all cases, and that was 3 years ago.

    What was the fix?

    The fix is described here:

    This fix is also described elsewhere, and it doesn’t seem to work for others. I haven’t tried it because the problem with my blog is not across the board — it seems to happen only in IE.


    Okay. Ask your host this: “Have any changes/upgrades been made to mod_security on my server?”

    The fix won’t work anymore because the app if fixed (Mod_Security) doesn’t let you do that any more. But it’s still a problem. They may need to edit the whitelist.conf file for ModSecurity


    ## WordPress
    <LocationMatch "/index.php">
    SecRuleRemoveById 300015 300016 300017
    SecRule REQUEST_URI "/wp-comments-post.php" phase:1,nolog,allow,ctl:ruleEngine=Off
    #<LocationMatch "/wp-comments-post.php">
    #SecRuleRemoveById 300015 300016 300017
    <LocationMatch "/wp-admin/post.php">
    SecRuleRemoveById 300015 300016 300017
    <LocationMatch "/wp-admin/admin-ajax.php">
    SecRuleRemoveById 300015 300016 300017
    SecRuleRemoveById 300013
    <LocationMatch "/wp-admin/page.php">
    SecRuleRemoveById 300015 300016 300017

    UPDATE: One of my subscribers uses IE8 and she’s on a different ISP from me. She can access the blog, but she can’t post a comment and graphics don’t appear. How’s that for weird?

    I’ve considered reinstalling WP, but the fact that the blog functions normally in Foxfire tells me the blog is fine. I’ve done no MSFT updates since 3 weeks ago.

    NickCorcodilos – That TOTALLY sounds like mod_security in action. Go ask your host about that specifically.

    @ipstenu: I’m ahead of you on that one. I’ve asked my host whether mod_security is enabled. No answer yet. Your version of the question is better because it’s more general (“any changes/upgrades?”) – and techs tend to be very literal. I’ll report when they respond.

    In the meantime, I’m getting hot and heavy with another web host. My host has pulled this before — they change server settings without notice. (Last winter they moved my site to another server without telling me… disaster.) I’d welcome recommendations. The hosts that charge <$10/mo don’t like the CPU usage I need… so I’m at the next level, but not quite at a dedicated server. But this is for another thread… sorry!

    Still would like to fix this… I’m worried that it really is something with WP… Thx again.

    We’re not allowed to recommend hosts (it gets way too commercial too fast).

    I’ve had weird mod_security issues crop up with standard upgrades (I have a VPS and have root control). It’s not necessarily anything anyone did directly. Sometimes server upgrades get weird :/

    Problem solved. Ipstenu, you nailed it. Thanks! I pressed HARD back at Jumpline on the mod_security setting, and after multiple techs told me there WAS no problem, one tech figured it out.

    Here’s the info he posted on my ticket. (I substituted [OMITTED] for anything that might compromise the server.) You’ll get a laugh. I’m not technical enough to appreciate it in detail, but it seems to me something tripped a software switch. It seems someone tried to hack the server so they shut down my site??? What do you make of this?

    Thanks again — you helped me push the right button to get them to fix this! Perhaps this will help someone else.



    Something is tripping

    [Thu Dec 08 18:06:04 2011] [error] [client] ModSecurity: Access denied with code 406 (phase 2). Invalid UTF-8 encoding: invalid byte value in character at REQUEST_HEADERS:Cookie. [offset “235”] [file “/usr/local/apache/[OMITTED]”] [line “23”] [id “[OMITTED]”] [msg “UTF8 Encoding Abuse Attack Attempt”] [severity “WARNING”] [hostname “www.[OMITTED].com”] [uri “[OMITTED].htm”] [unique_id “[OMITTED]”]

    I’ve added your domain to be ignored by mod_security. See if that helps.

    Andrew W.



    I realize this is an old thread, but it’s still relevant. I’m consistently amazed at both the lack of knowledge of many users, and also the willingness to immediately assume “it must be something funky the hosting company is doing.”


    ModSecurity is a set of rules designed to protect your website/WordPress blog. Yes, there are times it needs to be tweaked/adjusted, as there will never be any security system/firewall that’s a plug-and-play one-size-fits-all.

    Beyond that, the OP stated the site worked fine in Firefox but not in ie9. That right there should have been a clue it was NOT something the web hosting company did!

    The fact is, there’s *many* potential issues along the way. It could be a WordPress issue, could be a ModSecurity issue, a firewall issue, and server software (of which there are hundreds) upgrade compatibility issue. I’ll wholeheartedly agree that it sounds like the hosting tech support was a little too quick to say there was no problem on their end…but we also don’t know how detailed you were in your requests, etc. Then again, at less than $10 a month, you get what you pay for.

    My general point (and yes, I do have one) is that time and time and time again in this forum and others, I see users taking about 30 seconds to research their issue, and if the answer doesn’t smack them in the face, then it must be the host’s fault. If you buy a car, you take the time to learn how to drive it, and many years perfecting that skill. Put at least as much effort into learning what you’re doing when you install a script that’s on the Internet and a target to every hacker over the age of 5.

Viewing 12 replies - 1 through 12 (of 12 total)
  • The topic ‘406 Not Acceptable error’ is closed to new replies.
Skip to toolbar