This error will appear in some sites if cookies are turned off and mod_security requires cookies to match session data. It is suppossed to make things more secure... it ends up just annoying. Especially because web indexing crawlers like googleBot and other search engines do not use cookies, so THEY see this error instead of your site.

如果 cookie 被关闭并且 mod_security 需要 cookie 来匹配会话数据，则此错误将出现在某些站点中。它应该使事情更安全......它最终很烦人。特别是因为像 googleBot 和其他搜索引擎这样的网络索引爬虫不使用 cookie，所以他们看到这个错误而不是你的网站。

Apache has a mod_security tool that tries to block SQL injections by url. This rule is also blocking some real urls. The solution is:

Apache 有一个 mod_security 工具，可以尝试通过 url 阻止 SQL 注入。此规则还阻止了一些真实的 url。解决办法是：

• access WHM in your dedicated server
• search for mod_security tools
• check if it's blocking some urls
• click in the rule id
• click in deploy and Restart Apache

• 在您的专用服务器中访问 WHM
• 搜索 mod_security 工具
• 检查它是否阻止了某些网址
• 单击规则 ID
• 单击部署并重新启动 Apache

if you don't have access to WHM in your server. Pass this issue to your server administrator.

如果您无权访问服务器中的 WHM。将此问题传递给您的服务器管理员。

This is the rule that was blocking my urls

这是阻止我的网址的规则

SecRule REQUEST_HEADERS|XML:/*|!REQUEST_HEADERS:Referer "\b(\d+) ?= ?\1\b|\'\"[\'\"] ?= ?[\'\"]\2\b" \ "phase:2,capture,t:none,t:urlDecodeUni,t:htmlEntityDecode,t:replaceComments,t:compressWhiteSpace,t:lowercase,ctl:auditLogParts=+E,log,auditlog,msg:'SQL Injection Attack',id:'959901',tag:'WEB_ATTACK/SQL_INJECTION',logdata:'%{TX.0}',severity:'2'"

SecRule REQUEST_HEADERS|XML:/*|!REQUEST_HEADERS:Referer "\b(\d+) ?= ?\1\b|\'\"[\'\"] ?= ?[\'\"]\2\b " \ "阶段:2,capture,t:none,t:urlDecodeUni,t:htmlEntityDecode,t:replaceComments,t:compressWhiteSpace,t:lowercase,ctl:auditLogParts=+E,log,auditlog,msg:'SQL注入攻击',id:'959901',tag:'WEB_ATTACK/SQL_INJECTION',logdata:'%{TX.0}',severity:'2'"

I was experiencing same issue with my WP site shared-hosted in HostMonster. I resolved simply by accessing to the server via SSH and added the following lines on the .htaccess file :

我在 HostMonster 中共享托管的 WP 站点遇到了同样的问题。我只是通过 SSH 访问服务器解决了问题，并在 .htaccess 文件中添加了以下几行：

<IfModule mod_security.c>
  SecFilterEngine Off
  SecFilterScanPOST Off
</IfModule>

In my case, I received this error when sending to viewer file wrong path to the file it needed to view.

就我而言，我在向查看器文件发送错误的需要查看文件的路径时收到此错误。

err: example.com/subDir/myViewer.php?file=%27../../myImages/myFile.gif%27
fix: example.com/subDir/myViewer.php?file=%27../myImages/myFile.gif%27

Do you have experience in setting up servers? Is this hosted by yourself or is it a shared hosting package?

你有设置服务器的经验吗？这是由您自己托管还是共享托管包？

The reason I ask is because this is a server-side (Apache) issue.

我问的原因是因为这是服务器端 (Apache) 问题。

First, make sure your .htaccess file doesn't have any silly rules in it. The error arises because the server is denying access.

首先，确保您的 .htaccess 文件中没有任何愚蠢的规则。出现错误是因为服务器拒绝访问。

Second, make sure your file permissions are set up correctly. Generally speaking, you want directories to be 7/0/0 or 7/5/0 and files to be 6/0/0 or 6/4/0.

其次，确保您的文件权限设置正确。一般来说，您希望目录为 7/0/0 或 7/5/0，文件为 6/0/0 或 6/4/0。

Read this for more details on Moodle security guidelines.

阅读本文以了解有关 Moodle 安全指南的更多详细信息。

As for the profile picture issue, I'm not entirely sure what you're referring to so unfortunately I'm unable to answer that question. I doubt the two issues are related from the sounds of things.

至于个人资料图片问题，我不完全确定你指的是什么，所以很遗憾我无法回答这个问题。我怀疑这两个问题从事物的声音上是相关的。

I'm writing scripts to communicate from one server to another and I don't own either servers and cannot change any settings. I was getting the Not Acceptable error with some embedded URLs but not others. For example this one gets Not Acceptable: http://magic.kayaker.net/simlink.php?avname=http://junk.comWhile this one does not: http://magic.kayaker.net/simlink.php?name=http://junk.com(fails whether I escape the query or not) The second one gets an unknown command, which is an error my script generates, the first one returns the not acceptable without ever running my php script. My solution has been to strip the http:// off all URLs and have the scripts on both ends put it back on.

我正在编写脚本以从一台服务器到另一台服务器进行通信，但我不拥有任何一台服务器，也无法更改任何设置。我收到了一些嵌入的 URL 的 Not Acceptable 错误，但其他的没有。例如，这个不可接受：http: //magic.kayaker.net/simlink.php?avname= http: //junk.com而这个不可接受： http: //magic.kayaker.net/simlink.php ?name=http://junk.com（无论我是否转义查询都失败）第二个得到一个未知命令，这是我的脚本生成的错误，第一个返回不可接受的命令，而没有运行我的 php 脚本。我的解决方案是去除所有 URL 的 http:// 并让两端的脚本重新打开。

It had the same problem when enter a link in a form. It's is not the http:// or https://

在表单中输入链接时也有同样的问题。它不是 http:// 或 https://

In the form i had

在我的表格中

<input type='text' name='demo'>

The name='demo' wasn't accepted anymore. I altered name='demo' into name='link' and solve it.

name='demo' 不再被接受。我将 name='demo' 更改为 name='link' 并解决它。

I had the same error when submitting a form to insert values into a database. The issue was that one of the form inputs was a link (with https). Once I took that input out, the error stopped showing up.

提交表单以将值插入数据库时​​，我遇到了同样的错误。问题是表单输入之一是链接（带 https）。一旦我取出该输入，错误就不再出现。

...In my case I was trying to save a Wordpress menu, with a link that pointed to #process (a div′s ID)...changed the #process to #ourprocess and it worked...

...在我的例子中，我试图保存一个 Wordpress 菜单，其中有一个指向 #process（一个 div 的 ID）的链接......将 #process 更改为 #ourprocess 并且它起作用了......

pretty strange if you asked me, but as real as it gets, I was able to replicate the issue more than 10 times. It is definitely the URL of the link that is blacklisted...

如果你问我，这很奇怪，但尽管如此，我还是能够将这个问题复制 10 次以上。绝对是被列入黑名单的链接的网址...

so, if you are using Wordpress in a shared hosting (in my case is Bluehost) it could be this... or something similar.

所以，如果您在共享主机（在我的情况下是 Bluehost）中使用 Wordpress，它可能是这个......或类似的东西。