The reason behind this findings is simple.One of my website which should be up and running everyday without fail was pulling my legs for the past 7 days because it always goes down at one time or another after posting or deleting some topics or something related to that was done.I raised a ticket on my web hosting provider and they told some firewall is blocking my IP.Then i realized that their is some culprit in between my webserver and the enduser.It is the apache module mod_security which is very powerful and we can install it with the webservers of apache easily.So the next step was that i want to disable this guy for my users otherwise they will experience NetWork Time Out or 500ISE[Internal Server Error] or even 406 HTTP error.
This is a very nice module that acts as an Apache firewall – it blocks a lot of the usual routes that people use to hack websites. In particular it scans POST requests (sent when you ‘save’ something on a website’), and displays a 406 error for anything controversial.
The solution was very simple. The following lines were added to the .htaccess
file to disable mod_security:
<IfModule mod_security.c> SecFilterEngine Off SecFilterScanPOST Off </IfModule>
Naturally you loose any benefits that mod_security might bring, but that’s better than a non-functioning website, and you can always ask for the security configuration to be toned down to a more acceptable level.
Disable mod_security in .htaccess file
- If you do not have one yet, an
.htaccess
file in the folder of your web application - To disable
mod_security
COMPLETELY, add the following line to the .htaccess file: -
<IfModule mod_security.c>
-
SecFilterEngine Off
OR, to disable HTTP POST scanning only, use the following instead:
SecFilterScanPOST Off
-
</IfModule>
- Save the file and test your web application to check whether disabling
mod_security
has solved your problem.
After a day long googling i found out the culprit that was not allowing me to access my website.I think i have fixed my issue and i think u also have found out the real culprit behind your access issue.