I am implementing a PHP web application on a shared hosting environment. The hosting service has implemented mod_security.
Unfortunately, some of the PHP in the app (a fairly popular shopping cart) is triggering mod_security when I try and save any settings in the cart admin interface.
With mod_security running, any time I try and save a change in the shopping cart admin interface, I get a 406 Not Acceptable error message.
And when I asked the hosting service to look in the logs, they found the following:
mod_security-message: Access denied with code 406. Pattern match "/bin/" at POST_PAYLOAD
And turning off mod_security using "SecFilterEngine off" allows us to save settings without any problem.
We didn't want to turn off mod_security entirely so we tried:
SecFilterSelective "POST_PAYLOAD" "/bin/" "allow,nolog"
But we still got the 406 Not Acceptable message.
The hosting service suggested:
SecFilterSelective ARGS "/bin/" "allow,nolog"
SecFilterSelective ARGS "/usr/bin/" "allow,nolog"
But that didn't work either. Obviously you cannot debug individual implementations, but if you can see anything in our syntax that is incorrect, it would be appreciated. Or if there is some reason why this would not work in .htaccess?