mod security

From IndieWeb
Jump to navigation Jump to search

mod_security is a web application firewall for the Apache web server.


Blocking Requests

Sometimes mod_security may block otherwise-legitimate requests. If you get an error message like:

Not Acceptable!
An appropriate representation of the requested resource could not be found on this server. This error was generated by Mod_Security.

you will probably need to contact your hosting provider to have them change some of the security settings.


• The 'Not Acceptable!' issue has been encountered by some sites hosted on Bluehost. Jack Jamieson experienced this bug on his WordPress site while trying to use the WordPress IndieAuth plugin. As of 2019-08-06, this was resolved by Bluehost's technical support. To resolve this problem it was necessary to tell them to disable mod_security at the IndieAuth plugin endpoint URLs, which can be seen on the IndieAuth plugin settings page (

• The same seems to be true for any IndieAuth implementations on Bluehost regardless of if they are setup through WordPress or not. You may have to walk them through the process of how to encounter the correct error by sending them a login page in order to escalate to the right support level. AramZS (talk)

See Also