I’ve been able to publish new articles on my blog and sometimes I do save them up before publishing for editing/updating it later. For no reason, I was unable to save an article which I was working on. When I click on the “Save Draft” button in my WordPress, I get the “Error 406, Not Acceptable. An appropriate representation of the requested resource /wp-admin/post.php could not be found on this server” error.
This problem has caused me to lose all my writings on the post and clicking the Back button on the web browser does not recover the text that I’ve typed. That is why it is important for anyone who uses WordPress to install a plugin called Lazarus where it saves everything you typed in a web form and allows quick recovery if for some reason the web form got cleared out. Lazarus works on Firefox, Chrome and Safari. After getting the 406 error, I tried writing a new article with any random story and this time was able to save! I researched the cause of this problem and found the solution. The good news is this Error 406 is caused by your webhost and has got nothing to do with you. Most of the webhost that offers shared hosting installs ModSecurity, an open source web application firewall to protect their servers from you abusing it and also from being hacked by hackers by using a bunch of rules. One of the example is you cannot run RapidLeech script on some webhost that has a rule to match the text pattern in the script. The first step in attempting to solve this problem is to contact your webhost and ask them to fix it by checking their audit log file and disable the rule for your account.
If they are not being nice to help you out, you should consider moving to a new webhost simply because the trick of turning off ModSecurity filtering from the .htaccess only works on ModSecurity v1 and is disabled in ModSecurity v2. That is why some of you may be getting the 500 error if you insert these rules “SecFilterEngine Off”, “SecFilterScanPOST Off” or “SecRuleEngine Off” in .htaccess file.
Nevertheless, you can definitely try it out because it worked for me and for some others. At the root of your blog, locate the file .htaccess and add a line SecFilterEngine off. An easier way to edit the .htaccess file without using a FTP client is by installing a plugin called WP Htaccess Editor. Login to your WordPress Admin panel, go to Plugins > Add New > enter WP Htaccess Editor in the search box and click the Search Plugins button. Click the Install Now link for WP Htaccess Editor and activate the plugin. Now click on the new Htaccess option that appears on the left hand menu, enter the following rule in your htaccess file and click the Save File button.
Do take note that you will still need to manually edit the .htaccess file using a FTP client software or the cPanel File Manager to remove the SecFilterEngine rule. This is because you may not be able to access your own website when the error 500 starts to appear.