Updated on Feb 2, 2022
Web browsers make a request for information from the server whenever one visits your website. If the Web server detects that the data it wants to return is not acceptable to the client, it returns a header containing the 406 error code. In practice, this error is very rarely used compared to the “404-Page not found” but it refrains you from accessing a site. You need to learn about its cause and the solution. In this tutorial, you're going to learn about what might cause the 406 Not Acceptable error, along with a handful of tips for diagnosing and debugging within your own application.
Table of Contents:
The 406 Not Acceptable is an HTTP response status code. When user agents (web browsers) make a request for information from the server, they send an Accept header, which tells the server the specific formats in which the browser can accept data. If the server is unable to send data in any of the formats requested in the Accept header, the result would be a 406 Not Acceptable error.
There are more than 50 status codes, representing the complicated relationship between client, web application, web server, and sometimes even multiple third-party web services. That said, it’s not easy to determine what’s causing a specific status code, at least not without some proper diagnostics and troubleshooting.
On the other hand, the root cause of a 406 Not Acceptable error could be the server. There are known cases where the server is misconfigured and handling requests improperly, which can result in 406 code responses and other problematic traffic routing issues.
As always, it’s best to play it safe from the start. Create a full backup of your website or application, database, as well as all other components. Doing that is crucial, especially if you are about to perform a certain task (fix, change, update) for the first time. It’s always a good idea to create a full copy and stick it on a secondary server (your personal computer) if you have one. You can use it as an environment to test all potential fixes for the issue, without risking the security of your live application.
Furthermore, you can implement the staging environment via cPanel’s Softaculous.
The 406 Not Acceptable is a client error response. That’s why it’s best to start with the troubleshooting of any potential client-side problems which might be causing the error.
In case you are running some of the common software packages and getting the 406 Not Acceptable, you should look into the stability of your platform(s). The most commonly used Content Management Systems (CMSs) such as WordPress or Joomla!, are considered to be well-tested out of the box. However, there is never a guarantee that once you start making changes (installing plugins, themes, extensions, etc.) everything will go perfectly. It’s not too hard to cause an unforeseen issue, which may result in a 406 Not Acceptable.
There are some helpful tips that might help you pinpoint the issue and resolve it.
If you have recently updated your CMS, and then started getting the 406 Not Acceptable, you should consider rolling back to the previous version. When it comes to WordPress, we have a thorough guide on How to Downgrade WordPress. For assistance with other CMS downgrades, just Google “how to downgrade” and put the name of your platform at the end. Keep in mind that some platforms don’t offer downgrade capabilities. If that’s the case, you should know that such platforms consider themselves to be stable and as bug-free as possible.
Similar to the platform itself, you might have recently updated some modules or extensions, which may also lead to the 406 error. Reverting to older versions of those extensions may also resolve your issue. If not, you can try to deactivate or uninstall them.
Depending on the CMS you are using for your application, the exact names of plugins, extensions, or modules, could be different. However, every system has components of that type and they serve the same purpose everywhere. Such tools are used for improving the capabilities and features of the platform beyond what it’s normally capable of out of the box.
Note that even if you uninstall an extension through the CMS dashboard, you are not guaranteed that changes made by the extension will be fully reverted. This is especially true for many WordPress extensions, which are given permissions within the application, including full access rights to the database. Unless the extension author explicitly codes such things in, there are scenarios where an extension may modify database records that don’t “belong” to the extension itself but are instead created and managed by other extensions (or even the base CMS itself).
In those scenarios, the extension may not know how to revert alterations to database records, so it will ignore such things during uninstallation. Diagnosing such problems can be tricky, but I’ve personally encountered such scenarios multiple times, so your best course of action, assuming you’re reasonably convinced an extension is a likely culprit for the 406 Not Acceptable, is to open the database and manually look through tables and records that were likely modified by the extension.
Most importantly, you should not be afraid to Google your issue. Try searching for specific terms related to your issue, such as the name of your application’s CMS, along with the 406 Not Acceptable. Chances are, you are going to find someone who has experienced the same issue.
If you are experiencing the error 406 Not Acceptable, you have most likely triggered a security rule, and thus your request got blocked. At FastComet, we make sure to optimize our security rules in order to minimize the chance of false-positive blocks. However, you might end up with the 406 error due to one of the following reasons:
To prevent the 406 error from happening
mod_security can be turned off. Additionally, you may just disable specific ModSecurity rules, as well as disable ModSecurity for each domain individually. Turning
mod_security off is a 3-step process. All you have to do is:
You may not be able to enable or disable
mod_security in your cPanel on VPS or Dedicated CPU Servers. To disable
mod_security in accounts that do not have that option in cPanel, you would need to use CLI via SSH.
However, the best thing to do here is to contact our technical support by opening a new ticket. They will assist you as quickly as possible, making sure everything is done properly. Additionally, you can ask for the
mod_security to be turned off only for specific domains.
We hope you find this article useful. Discover more about FastCloud - the top-rated Hosting Solutions for personal and small business websites in four consecutive years by the HostAdvice Community!