I found information about an optional Apache module called mod_security. This is a very nice module that acts as an Apache firewall â€“ it blocks a lot of the usual routes that people use to hack websites. In particular it scans POST requests (sent when you â€˜saveâ€™ something on a websiteâ€™), and displays a 406 error for anything controversial.
The solution was very simple. The following lines were added to the .htaccess file to disable mod_security:
In case if this didn't work, then create a conf file and disable mod_security for the domain. Follow the steps below
You have to create a individual rule for that domain. You can see the conf via Apache.
Â Include "/usr/local/apache/conf/userdata/*.conf" Include "/usr/local/apache/conf/userdata/*.owner-root" Include "/usr/local/apache/conf/userdata/std/*.conf" Include "/usr/local/apache/conf/userdata/std/*.owner-root" Include "/usr/local/apache/conf/userdata/std/2/*.conf" Include "/usr/local/apache/conf/userdata/std/2/*.owner-root"
Now create a customized file to disable mod_security for that domain alone.
# cd /usr/local/apache/conf/userdata/std/2/ # mkdir USERNAME (e.g domain name is google.com and the username is goog then create a directory as goog)
# cd goog/ # mkdir google.com # cd google.com # touch mod_security2.conf # vi mod_security2.conf Now, add these lines in that file
save and exit
Then restart apache