workaround for "406 Not Acceptable" error

SalemKayaker

Joined: 2004-12-25
Posts: 27

Posted: Thu, 2006-04-06 13:01

Just in case anyone else runs into the same problem...

I have a customer domain which uses a Menalto Gallery 1.5 application.

Everything has been working fine, the customer has been happily uploading images, editing captions, etc.

But one of his latest image uploads has been having a problem. The Gallery application uploads the image fine, creates an appropriately sized thumbnail, and one can edit any of the text associated with the image. But if one tries to click on the thumbnail and bring up the full sized image within the application, it fails with the "406 Not Acceptable" error, and the onscreen message:

Not Acceptable

An appropriate representation of the requested resource
/gallery/subdir/VibratoryEcho could not be found on this server. (note we are using Mod_rewrite)

Apache/1.3.34 Server at example.net Port 80

I checked that the image file existed, it had the correct permissions, etc.

I deleted the image and uploaded it with a slightly different name... Still no go.

So I googled the error message and found some hits indicating that it might be a false positive from Mod_Security

So I put the following code in the customer's .htaccess file:

<IfModule mod_security.c>
# Turn off mod_security filtering.
SecFilterEngine Off

# The below probably isn't needed...
SecFilterScanPOST Off
</IfModule>

And, sure enough, the problem went away.

--Doug
Salem Design

Gallery URL: http://cahaly.net/gallery
Gallery version: Gallery v1.5.2-pl2
Apache version: API 19990320
PHP version:4.4.2
Graphics Toolkit: NetPBM
Operating system: Linux 2.6.9-22.0.2.ELsmp #1 SMP Tue Jan 17 07:10:04 CST 2006 i686
Web browser/version: N/A

h0bbel

Joined: 2002-07-28
Posts: 13451

Posted: Thu, 2006-04-06 16:31

Well, mod_security is a serverside setting, which we have no control over. Mod_Security probably doesn't like vibratory stuff. ;-)

h0bbel - Gallery Team
If you found my help useful, please consider donating to Gallery
http://h0bbel.p0ggel.org

SalemKayaker

Joined: 2004-12-25
Posts: 27

Posted: Thu, 2006-04-06 17:57

Yeah, I assume there was something in the file name that offended mod_security... I do wonder what it was. I kind of figured that mod_security was looking for code fingerprints in PHP.

--Doug
Salem Design

nchenier

Joined: 2005-12-03
Posts: 16

Posted: Tue, 2006-08-01 15:00

Hi Doug

where did you put that in the .htaccess file? I tried it and totally screwed up the gallery. Could you post the text from your file?

Thanks

Noel

SalemKayaker

Joined: 2004-12-25
Posts: 27

Posted: Tue, 2006-08-01 17:10

Hello Noel,

In this case we have two galleries (each in their own directory), one level down from the root directory for the site.

I put the following in the .htaccess file at the root level.

Quote:

IndexIgnore */*

#05APR06 turning of mod_security filtering because it is causing problems with Menalto Gallery

<IfModule mod_security.c>
# Turn off mod_security filtering.
SecFilterEngine Off

# The below probably isn't needed, but better safe than sorry.
SecFilterScanPOST Off
</IfModule>

The .htaccess files in the two Gallery subdirectories just have the mod-rewrite language.

That worked for me... But I have never understood exactly what mod_security was reacting to in this customer's gallery setup. I have a number of other Galleries set up on the same shared-hosting environment that have no problem... And they do not have mod_security turned off.

If your Gallery is at the root level for your site, I would suggest putting the language above at the very beginning of the .htaccess file.

'Hope this helps.

--Doug
Salem Design

SalemKayaker Joined: 2004-12-25 Posts: 27	Posted: Thu, 2006-04-06 13:01
	Just in case anyone else runs into the same problem... I have a customer domain which uses a Menalto Gallery 1.5 application. Everything has been working fine, the customer has been happily uploading images, editing captions, etc. But one of his latest image uploads has been having a problem. The Gallery application uploads the image fine, creates an appropriately sized thumbnail, and one can edit any of the text associated with the image. But if one tries to click on the thumbnail and bring up the full sized image within the application, it fails with the "406 Not Acceptable" error, and the onscreen message: Not Acceptable An appropriate representation of the requested resource /gallery/subdir/VibratoryEcho could not be found on this server. (note we are using Mod_rewrite) Apache/1.3.34 Server at example.net Port 80 I checked that the image file existed, it had the correct permissions, etc. I deleted the image and uploaded it with a slightly different name... Still no go. So I googled the error message and found some hits indicating that it might be a false positive from Mod_Security So I put the following code in the customer's .htaccess file: <IfModule mod_security.c> # Turn off mod_security filtering. SecFilterEngine Off # The below probably isn't needed... SecFilterScanPOST Off </IfModule> And, sure enough, the problem went away. --Doug Salem Design Gallery URL: http://cahaly.net/gallery Gallery version: Gallery v1.5.2-pl2 Apache version: API 19990320 PHP version:4.4.2 Graphics Toolkit: NetPBM Operating system: Linux 2.6.9-22.0.2.ELsmp #1 SMP Tue Jan 17 07:10:04 CST 2006 i686 Web browser/version: N/A
	XUser login Username: * Password: * Create new account Request new password
h0bbel Joined: 2002-07-28 Posts: 13451	Posted: Thu, 2006-04-06 16:31
	Well, mod_security is a serverside setting, which we have no control over. Mod_Security probably doesn't like vibratory stuff. ;-) h0bbel - Gallery Team If you found my help useful, please consider donating to Gallery http://h0bbel.p0ggel.org

SalemKayaker Joined: 2004-12-25 Posts: 27	Posted: Thu, 2006-04-06 17:57
	Yeah, I assume there was something in the file name that offended mod_security... I do wonder what it was. I kind of figured that mod_security was looking for code fingerprints in PHP. --Doug Salem Design

nchenier Joined: 2005-12-03 Posts: 16	Posted: Tue, 2006-08-01 15:00
	Hi Doug where did you put that in the .htaccess file? I tried it and totally screwed up the gallery. Could you post the text from your file? Thanks Noel

SalemKayaker Joined: 2004-12-25 Posts: 27	Posted: Tue, 2006-08-01 17:10
	Hello Noel, In this case we have two galleries (each in their own directory), one level down from the root directory for the site. I put the following in the .htaccess file at the root level. Quote: IndexIgnore / #05APR06 turning of mod_security filtering because it is causing problems with Menalto Gallery <IfModule mod_security.c> # Turn off mod_security filtering. SecFilterEngine Off # The below probably isn't needed, but better safe than sorry. SecFilterScanPOST Off </IfModule> The .htaccess files in the two Gallery subdirectories just have the mod-rewrite language. That worked for me... But I have never understood exactly what mod_security was reacting to in this customer's gallery setup. I have a number of other Galleries set up on the same shared-hosting environment that have no problem... And they do not have mod_security turned off. If your Gallery is at the root level for your site, I would suggest putting the language above at the very beginning of the .htaccess file. 'Hope this helps. --Doug Salem Design

workaround for "406 Not Acceptable" error

XUser login