January 8, 2013 at 11:00 am #10386
willyrParticipantPost count: 36
OK, I suspect I’m doing something wrong now, that worked before.
But, installing plugins in a new site still works fine, but when I modify the plug in settings on any of the plug ins Genesis (I guess) comes back with this error message:
406 Not Acceptable
This request is not acceptable
Powered By LiteSpeed Web Server
LiteSpeed Technologies is not responsible for administration and contents of this web site!
I am not doing anything differently in working the plugins that I did on several other sites before the G 1.9 update, now I’m having all sorts of problems.
Can anyone point me to directions to resolve these issues?
Maybe in future I won’t be so quick to upgrade.
BillJanuary 9, 2013 at 2:20 pm #10771
nickthegeekKeymasterPost count: 751
I believe this is being resolved in help desk with apparent issues from the mod_security setup on the server correct?January 9, 2013 at 3:25 pm #10802
willyrParticipantPost count: 36
Nick, thank you for your help. Your recommendation here: “Ok, the 406 error generally indicates that the server is sending some really rough data to the browser. It simply cannot be understood at all by the browser so the 406 error is returned instead. This doesn’t typically happen because browsers usually try their best even if it doesn’t know what to do with the data.
There are a few possible issues that might result in this. The first step would be to try a different browser.
If that doesn’t resolve it you need to contact the host to see if they have any specific error logs that might indicate why this is happening. Thanks.” convinced me to try and seek resolution at my host site.
I contacted them, and their response to Nick’s comments was “I have analysed the error logs and observed that the issue encountered is due to “mod-security” restriction for the domain.
2013-01-09 09:58:04.327 [NOTICE] [18.104.22.168:52317-0#APVH_orlando-florida-attractions.com] mod_security rule triggered!
[ID: 950004] [Msg: Cross-site Scripting (XSS) Attack]2013-01-09 09:58:04.327 [NOTICE] [22.214.171.124:52317-0#APVH_orlando-florida-attractions.com] Content len: 4299, Request line: ‘POST /wp-admin/post.php HTTP/1.1′
‘mod_security’ is an Apache module (for Apache 1 and 2) that provides intrusion detection and prevention for web applications. It aims at shielding web applications from known and unknown attacks, such as SQL injection attacks, cross-site scripting, path traversal attacks, etc.
For some third party scripts to work properly, we will have to exclude certain protection features/modules. mod_security has certain rules for the words “pattern” used in online CMS and requested URLs. If any pattern match with the requested URL under your site or any online CMS try to put the words “Pattern” to database, mod_security deny the access to it. Most of the CMS put the data in the database and edit/delete record from database and they really need the mod_security to be disabled.
Please confirm whether I shall disable the mod_security feature for the domain.”
OK, I so confirmed, and bingo, I can add media etc. so the problem appears to be solved.
My host site did not respond when I asked them why I had this problem with this site, but not on any other of my WP/SP sites.
I recall reading a post elsewhere about the “security message” that is popping up now on some sites. I was happy to see that I could ignore it, as, really, I don’t understand the issue. It seems, however, that the change in Genesis does have ramifications, and I believe that others may run into this same problem when working on their sites.
My thanks to all in the SP forum and in the Support group for their help in resolving what was for me a catastrophic problem.
You must be logged in to reply to this topic.