A reader emailed me a little while back to tell me that he’d been having difficulty leaving a comment on my site – he’d get the error “412 Precondition Failed”.
I did some investigation and found that sentences such as *”However, its a far cry to be able to create a food sample from scratch.”* and *”As a computer programmer yourself, you’d probably find it easy to program a computer to create hit songs from scratch, right?”* were causing the problem, and if I reworded them, the comment would be allowed through.
I did a bit of digging around and came to the conclusion that these sentences were being rejected because they looked like an attempt to hack the site. I consulted my web hosts, 34sp, and they confirmed that mod_security was rejecting them because they took the format “create blah blah blah from”, which could be construed as an attempt at a SQL command.
Leaving aside how unintuitive the error was (surely 403 Forbidden would be much more appropriate than 412 Precondition Failed?), there is a solution. You can disable this particular rule by putting the following line into your .htaccess file:
SecFilterRemove 300013
The side-effect of this is that you will also lose additional protection against SQL injection attacks, so use it at your own discretion.
*UPDATE: I realise now how much of a misnomer this post’s title is, as this problem has nothing to do with WordPress.*