As a zen cart store owner/operator, you will have to make updates and changes every now and then to the content of your website. Most often, you will be updating product details or EZ-Pages and other areas. There are certain keywords and phrases, however, that should be avoided when you are doing this. If you include them in the text, they will throw this error message: “Forbidden – You don’t have permission to access /admin/product.php on this server.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.” Occasionally, this error appears as a “500 Internal Server Error” or “406” error, but it still means essentially the same thing.
Most of the time, this error pops up because of a tool called ‘mod_security’, which webservers often use to help prevent hacking attempts. It works by monitoring the content submitted to web pages through forms. The server using the tool will set a list of keywords, and if these words and phrases are found in the text and/or data submitted, mod_security will flag the entire form-submission as at-risk. This effectively stops the entered data from being saved to the server.
Keywords that are commonly flagged include: INSERT or LYNX or UPDATE and other commonly-used SQL commands. To avoid triggering mod_security, you should find out which words are specifically restricted by your webhost, and try not to use them when editing page content. Another way to go is to talk to your hosting company about changing or relaxing their mod_security rules.
You could also try disabling mod_security for your zen cart admin area. To do this, you will need to edit your /admin/.htaccess file. Open it in a plain text editor, and add this line of code: