Not Acceptable

Discussion of non-phpBB related topics with other phpBB.com users.
Forum rules
General Discussion is a bonus forum for discussion of non-phpBB related topics with other phpBB.com users. All site rules apply.
Post Reply
User avatar
bubbathegimp
Registered User
Posts: 192
Joined: Tue Sep 25, 2018 8:02 pm
Location: Off Plumb
Name: Bubba
Contact:

Not Acceptable

Post by bubbathegimp »

Lately I have been getting an odd error on Cornpone, and on another site.
Both sites are running PhPBb, and are hosted on Hostgator Servers.

Whenever you try to post, or use another feature, PM etc. it triggers a Not Acceptable, Mod Security Error.

the problem clears up randomly, after a few hours, then returns.

I havent made any recent changes...benn running ok. still waiting to hear from hostgator to see if they have done something on their end (which i suspect since it started a few days before on the other site, than it did on mine)......
User avatar
HiFiKabin
Community Team Member
Community Team Member
Posts: 6673
Joined: Wed May 14, 2014 9:10 am
Location: Swearing at the PC, UK
Name: James
Contact:

Re: Not Acceptable

Post by HiFiKabin »

As its a ModSecurity error your best (maybe only) course it to let your hosts know exactly then the error happened so that they can whitelist the trigger.
User avatar
bubbathegimp
Registered User
Posts: 192
Joined: Tue Sep 25, 2018 8:02 pm
Location: Off Plumb
Name: Bubba
Contact:

Re: Not Acceptable

Post by bubbathegimp »

been getting a lot of random 401 errors that clear up after a few minutes whenever i go to use the ACP.....
my renewal is due 9/23, and i'm thinking it would be a good time to change hosts.

just got finished chatting with A2
User avatar
thecoalman
Community Team Member
Community Team Member
Posts: 5871
Joined: Wed Dec 22, 2004 3:52 am
Location: Pennsylvania, U.S.A.
Contact:

Re: Not Acceptable

Post by thecoalman »

mod_security is the front end for a set of rules. The common rule set is provided by OWASP but rule sets can be customized, purchased etc. For example suppose there is a new or old exploit in a common web application like phpBB, WordPress etc. OWASP or even the hosting company can deploy a rule to counter it. They can proactively stop web applications from being exploited with a single line of code which can be pretty important if you are hosting millions of websites on shared hosting where your customers are slow or unresponsive to updating their web applications.

If you look in the server error logs what rule was triggered may be listed. False positives are to be expected and you can either disable the rule or fix it. There is limited options for this on shared hosting, you almost always need to inform the host so they can disable or fix the rule. It's possible to disable individual rules with .htaccess however that feature needs to be enabled by the host. Last but not least If the host uses Cpanel (or possibly other control panels) you may be able to disable mod_security entirely in your hosting control panel but that should only be a temporary solution, you should contact the host so they can disable the problematic rule and then enable mad_security.
“Results! Why, man, I have gotten a lot of results! I have found several thousand things that won’t work.”

Attributed - Thomas Edison
User avatar
bubbathegimp
Registered User
Posts: 192
Joined: Tue Sep 25, 2018 8:02 pm
Location: Off Plumb
Name: Bubba
Contact:

Re: Not Acceptable

Post by bubbathegimp »

the only errors listed through the Cpanel are a couple ip addresses were blocked by my Robots txt....
User avatar
thecoalman
Community Team Member
Community Team Member
Posts: 5871
Joined: Wed Dec 22, 2004 3:52 am
Location: Pennsylvania, U.S.A.
Contact:

Re: Not Acceptable

Post by thecoalman »

robots.txt does not block anything by itself. It's a simple text file that bots will download, you can add directives that legitimate bots like Googlebot will adhere to.
“Results! Why, man, I have gotten a lot of results! I have found several thousand things that won’t work.”

Attributed - Thomas Edison
Post Reply

Return to “General Discussion”