Mod_Security Error

  • Resolved Rose

    (@va-cape)


    1 week, 6 days ago

    Hi! I receive this error when authenticating FB account and redirecting back to website….

    Not Acceptable!
    An appropriate representation of the requested resource could not be found on this server. This error was generated by Mod_Security.

    Please advise how to remedy this. Thank you.

Viewing 6 replies - 1 through 6 (of 6 total)
  • Plugin Support Marija

    (@marijastuntcoders)

    1 week, 6 days ago

    Hi Rose!

    The error message is most likely related to a hosting configuration or Web Application Firewall (specifically, Mod_Security), not the Facebook for WooCommerce plugin itself.

    Please contact your host provider and ask them to assist you with this:

    • Let them know that you are using the Facebook for WooCommerce plugin, and share the Error message you are receiving when trying to connect
    • Share the URL where you are seeing the “Not acceptable!” error
    • Ask them to modify the ModSecurity rules so that the request can go through and you can connect to the plugin

    Please let us know how your hosting provider handles this, so that we can help other users that experience this issue as well.

    Kind regards,
    Marija

    Thread Starter Rose

    (@va-cape)

    1 week, 5 days ago

    Hi Marija!

    Thanks for the quick steps to resolving this issue. I will reach out to the hosting company and let you know what transpires.

    Kind regards.

    Thread Starter Rose

    (@va-cape)

    1 week, 2 days ago

    Hi Marija!
    A quick follow-up to let you know that the issue was resolved instantly after providing the hosting company with all the info you advised.

    Thanks again for your help!

    Plugin Support Marija

    (@marijastuntcoders)

    1 week ago

    Thank you for following up on this! 

    Do you know any details on how they fixed this? It could be helpful to other users as well.

    If you are satisfied with the plugin and the support you’ve received, we would greatly appreciate it if you could take a moment to leave a review.

    Kind regards,
    Marija

    amanbt

    (@amanbt)

    3 days, 5 hours ago

    Hi, I am facing the same error: Not Acceptable! An appropriate representation of the requested resource could not be found on this server. This error was generated by Mod_Security.

    As suggested by you I contacted my hosting provider and asked them to modify the ModSecurity rules, however they reverted with the following reply:

    [Fri May 02 18:58:26.161798 2025] [security2:error] [pid 105007:tid 22686878275328] [remote 49.36.188.137:63143] [client 49.36.188.137] ModSecurity: Access denied with code 406 (phase 2). Pattern match “=(?:ogg|tls|ssl|gopher|file|data|php|zlib|zip|glob|s3|phar|rar|s(?:sh2?|cp)|dict|expect|(?:ht|f)tps?)://” at REQUEST_URI. [file “/etc/httpd/modsecurity.d/10_asl_rules.conf”] [line “517”] [id “340165”] [rev “291”] [msg “Atomicorp.com WAF Rules: Uniencoded possible Remote File Injection attempt in URI (AE)”]

    [data
    “/?wc-api=wc_facebook_connect&external_business_id=ingreensshop-6814c54f67080&nonce=37b12eccd2&type=standard&code=aqdlnmbj-wepcjezfxvohyj1z8c7enf9mqafsyl5fcxwqydunvp0u2kqhfvthri2a2y01_vw4kiwlsx715yzs1a3qk2kmonliyverjpj43jja18lpml_jsmmq7rzzuov2jit4mpq7ov70xxbjiokvtfkuntlpfqildreioejr-3bhmt4ystp70db0zxxtctlcgw2rmqhjbgeaeyv5pvjyzsiedhsaiepw2ll_qexhfcpsoo_-s3yddtvdcgcngxt8zjrsjzsl6dytllqlte_4-_9ebkdlw1glg3kuvn44sejqdvdldn2npnkx-0jdvhe88s1vq-v3y9nh5qnt_32khlnktnnug3hxymqwstlgdq6r6ihqdbuu84dr_ogyveltwckhzn0ikzt…”]

    [severity “CRITICAL”] [hostname “ingreens.shop”] [uri “/”] [unique_id “aBTIenBX-pIR2FFxpqtFgAAB1lI”], referer: https://api.woocommerce.com/

    Please share this rule with the plugin manager you have connected to as per the log this cannot be whitelisted because the system is considering this as a sql injection attack on the server

    Our system firewall (ModSecurity) blocked an external request due to a security rule that flagged the incoming URL as a potential remote file injection attempt. This is a false positive, commonly seen with API callbacks like the one from Facebook or WooCommerce.

    This rule cannot be whitelisted from server end due to security reasons

    • This reply was modified 3 days, 5 hours ago by amanbt.
    Plugin Support Marija

    (@marijastuntcoders)

    8 hours, 42 minutes ago

    Hi @amanbt ,

    This configuration can not be changed within the plugin, as it is used to connect multiple systems – and it has to be secure. The hosting company has created this as a broad rule, and there is nothing we can do from our end.

    Kind regards,
    Marija

Viewing 6 replies - 1 through 6 (of 6 total)
  • You must be logged in to reply to this topic.