mod_security the Apache Module, The Apache Firewall blocking your website?

The reason behind this findings is simple.One of my website which should be up and running everyday without fail was pulling my legs for the past 7 days because it always goes down at one time or another after posting or deleting some topics or something related to that was done.I raised a ticket on my web hosting provider and they told some firewall is blocking my IP.Then i realized that their is some culprit in between my webserver and the enduser.It is the apache module mod_security which is very powerful and we can install it with the webservers of apache easily.So the next step was that i want to disable this guy for my users otherwise they will experience NetWork Time Out or 500ISE[Internal Server Error] or even 406 HTTP error.

This is a very nice module that acts as an Apache firewall – it blocks a lot of the usual routes that people use to hack websites. In particular it scans POST requests (sent when you ‘save’ something on a website’), and displays a 406 error for anything controversial.

The solution was very simple. The following lines were added to the .htaccess file to disable mod_security:

<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
</IfModule>

Naturally you loose any benefits that mod_security might bring, but that’s better than a non-functioning website, and you can always ask for the security configuration to be toned down to a more acceptable level.

Disable mod_security in .htaccess file

1. If you do not have one yet, an .htaccess file in the folder of your web application
2. To disable mod_security COMPLETELY, add the following line to the .htaccess file:

3. <IfModule mod_security.c>

4. SecFilterEngine Off

   OR, to disable HTTP POST scanning only, use the following instead:
   SecFilterScanPOST Off

5. </IfModule>

6. Save the file and test your web application to check whether disabling mod_security has solved your problem.

After a day long googling i found out the culprit that was not allowing me to access my website.I think i have fixed my issue and i think u also have found out the real culprit behind your access issue.