Why am I getting a 403 0r 406 when trying to login or update?
As of early April 2015 we enabled a set of ModSecurity rules on all Cloud and Reseller servers to protect our clients from malicious bots and hackers.
Over the years the number of malicious attacks we see hit our customers on our network has grown exponentially and the fact of the matter is that not everybody keeps all of their software up-to-date. Beyond that even some scripts that are fully up to date have vulnerabilities found by malicious individuals which are then used before a patch can even be made.
ModSecurity does help protect from all of that as well as much more. One side-effect of ModSecurity is that generally updating a script isn't going to be doable without first disabling ModSecurity.
Why do I need to disable ModSecurity to perform updates?
ModSecurity does have an extensive set of rules that watch for what is called SQL Injection. This is where a remote attacker tries to use a vulnerability in your software to get a copy of your database or worse. The update process for most scripts does include SQL and, as a result, tends to look like an attack to ModSecurity.
Disabling ModSecurity for the update is as simple as placing the following text in a file called ".htaccess" within the root folder of the script. The file is hidden as its name begins with a period but it is visible by default via FTP and optionally in the cPanel file manager when you check the 'Show Hidden Files' box.
To disable ModSecurity via ".htaccess" File:
<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
</IfModule>
What should I do when I am done updating?
We do strongly suggest that after you complete the updates you either remove these lines or comment them out by pre-pending a "#" to each line so you can uncomment it for future use.
