406 Error – Not Acceptable

There are many errors that you may see as you visit different websites across the web. One of the more common ones is the 406 – Not Acceptable error. This article explains the error, what causes it, and how to correct it if it happens on your site.

What is the 406 Error?

406 error - Not acceptable

Web browsers make a request for information from the server. When this happens, it sends an Accept header. This tells the server in what formats the browser can accept the data. If the server cannot send data in a format requested in the Accept header, the server sends the 406 Not Acceptable error.

The error can also be generated by the mod_security module. Mod_security, a type of firewall program that runs on Apache web server, scans for violations of the rules it has set. If an action occurs that violates one of these rules, the server will throw a 406 error.

What caused this error on my site?

In regards to a site on your hosting account, the cause of the 406 error is usually due to a mod_security rule on the server. Mod_security is a security module in the Apache web server that is enabled by default on all hosting accounts. If a site, page, or function violates one of these rules, server may send the 406 Not Acceptable error.

How can I prevent it?

406 error - Not acceptable

Mod_security can be turned off. You can also disable specific ModSecurity rules or disable ModSecurity for each domain individually. If you would like mod_security disabled you can disable mod_security via our Modsec manager plugin in cPanel.

Note! You may not have the option to enable or disable mod_security in your cPanel on VPS or Dedicated servers. To disable mod_security on accounts that don’t have the option in cPanel, you will need to use command line via SSH or contact tech support to disable/enable it for you.

Alternatively, if you only need certain select rules disabled instead of having it turned off for an entire domain, you can use the ticket portal in AMP to submit a ticket.

Thoughts on “406 Error – Not Acceptable

  • Yes foe me this article works for me i disable mode of security on my cpanel then everything is working but i was warn that my domain might be vulnerable for attack.. thanks

    • Hi Sunday – sorry for the issues with your security. Yes, if security errors are occurring then you may be vulnerable to some type of intrusion or attack. My recommendation would be to contact our live technical support team to review the errors that you’re seeing. You need to provide a copy of the error and details relating to it.

  • whenever I open my bluehost wordpress website wp_login.php it shows

    Not acceptable

    An appropriate representation of the requested resource could not be found on this server. This error was generated by Mod_Security.

    I am not getting how to fix it….

    Please help me. I don’t want to turn off the Mod_Security

    • You’ll need to talk to Bluehost. They may be able to disable the rule that is triggering the error without turning off Mod_sec alltogether.

  • Thanks to this article! I’ve been resetting my website because of the 406 error (tsk! just a waste of time, it’s been a week on why I kept on receiving such error.

    Until chada!

    Thank you so much for this helpful information, it solves my issues and Yes! it was because of the mod_security, already called the host provider and told them to disable the mod_security and it solves!

    kudos guys!

  • Hi ,

    When I am enter Manzoor the trainer website it is showing me an 406 Error Not Acceptable. Please solve my issue ASAP.

  • This worked: Whitelisting my IP address in the Modsec Manager.

    To find the Modsec Manager I followed the steps in this article, then I clicked the “submit” button next to my IP address and it was added to the Whitelist. Now I can access the site again.


    Not Acceptable

    An appropriate representation of the requested resource /erp/index.php could not be found on this server.

    Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.


    i have the above error.,, 

     how to recover

    • Hello Siva,

      Are you sure that file exist on the server? Have you checked your error log for any lines regarding this file? Do you have anything in the .htaccess in the /erp directory?

      Best Regards,
      TJ Edens

    • Hello Roberto,

      Have you tried disabling the mod_sec within the cPanel using the mod_sec manager?

      Kindest Regards,
      Scott M

    • Hello Daniel,

      Have you checked with your hosting company to see if you are running against a mod_sec rule? You will want to provide instructions on how to hit the error so they can duplicate and then check their logs to find the specific rule it is running up against.

      Kindest Regards,
      Scott M

  • I suppose I can tell all my clients to drop your hosting service and go to one that is not using mod_security2, which is now causing quite a few problems with various CMS programs (WordPress, Drupal, and various others). Maybe they should choose a web host who wants to help the customer instead of actively not trying to help them with their problems. Mod_security2 is wreaking hell and all you can say is “sorry, we can’t help you. You’re on a shared hosting account.” I know for a fact there is a way to disable this for each domain, even with a shared hosting account. All you have to do is look at the procedures available online by Googling “disable mod_security2 for a domain.”

  • I found that if I used the words “drop” and “from” in a text I want to enter into the database the server throws a 406 error. For instance, the phrase “I had to drop him from the class roster” threw a 406 error, when I tried to add that text. However, if I changed it to “I had to remove him from the class roster” it went through just fine. The mod_security rules involved can sometimes be a little onerous.

    • Show a way to disable mod_security2 for specific domains, or at least show how to disable some of the onerous rules that are causing the problems.

    • Unfortunately, it is only possible to disable mode_security across the cPanel account within a shared hosting environment. If you are on a VPS or dedicated server, we can indeed disable specific rules for you and make more custom changes.

  • I didn’t change anything on the arduino code, I didn’t even restarted since this starting ocurring.

    Why is it now showing 406 and not before?

    • Hello Leandro,

      If you have already disabled the mod_security and still get the 406, you will want to contact our Live Support so they can find the specific cause of your error.

      Kindest Regards,
      Scott M

  • Hi There,

    I am receiving a 406 when trying to access a php from an arduino. 

    It has been working from days until ‘2014-07-08 19:20:00 UTC’.

    I am able to access from a computer and cell phone, but not from the arduino, I always get a 406.

    I have already disabled mod_security.

    What else could I do?


    • This is most likely caused by the user agent that is being sent from the Arduino. My best advice would be to change the user agent so that it appears as it if were a normal desktop user.

  • Hi im using an iphone 4. Receiving server code 406 while trying to access anything that need internet how do i fix this please

    • Hello Robert,

      I’m sorry to hear that you’re having problems with a Mod security error. In general, the 406 error is occurring because something is trying to be accessed that the server is not allowing. As per the article above, you can disable the Mod-security, but it’s not typically recommended. You state that you’re having the problem accessing “anything that need internet”. That’s a very general statement. You will need to help narrow down the problem. Have you tried to access your website through a computer (not the iPhone)? Also, WHAT are you trying to access? You have not provided any website information, so it makes it very difficult for us to try to help you. Can you provide us any specific information such as your website or any error messages? This would help us to isolate the problem and troubleshoot the matter for you.

      Arnel C.

  • The same thing happened to me to and around the same date.  I don’t want to disable mod sec because it may open my site up to any more potential problems.

    • Any insecure code on your site can indeed flag mod_security. If you do not want to disable mod_security, you will need to locate the problematic code and adjust it accordingly. For more information on what may be flagging mod_security, you may review your Apache error logs from within cPanel for any related errors.

    • I do see that your ticket is still open with a higher tier of support. They will be getting back to you as soon as possible. Thank you for your patience.

  • Everyting was fine in the code untill 9th March. I disabled Mod_Sec but the issue was not resolved. Please check ticket id 1744538 .

    • Unfortunately, I am unable to provide any account-specific information via this public message board. If you have an open ticket with support, I recommend waiting for a response from our technical support team.

  • I’m facing this error on one of my website > <a href=”https://www.coupontray.com/”>Coupontray</a> . I have submitted the issue to support team but it is still not resolved.

    • As stated in the article, this is caused by issues within your code that are flagging mod_security as insecure. You could either resolve the insecurity within your code, or turn mod_security off. Of course, fixing the issue is the best solution as turning mod_security off could open that potentially insecure page up to malicious attacks on your site.

Was this article helpful? Let us know!