If you are getting 404 Error while updating or saving it might be possible due to Mod security rule .

Please check below logs file via “tail” or “grep” command .

grep domain.com /usr/local/apache/logs/error_log

Or live checking

tail -f /usr/local/apache/logs/error_log | grep domain.com

You will get error like below :

—————————————–

[Wed Feb 15 09:33:51 2012] [error] [client 202.138.170.146] ModSecurity: Access denied with code 406 (phase 2). Pattern match “\\%(?![0-9a-fA-F]{2}|u[0-9a-fA-F]{4})” at ARGS:content. [file “/usr/local/apache/conf/modsec2.user.conf”] [line “23”] [id “950107”] [msg “URL Encoding Abuse Attack Attempt”] [severity “WARNING”] [hostname “www.abc.domain.com”] [uri “/wp-admin/post.php”] [unique_id “Tzt7-9XlY5QAACFaa1IAAAAY”]
[Wed Feb 15 09:34:22 2012] [error] [client 202.138.170.146] ModSecurity: Access denied with code 406 (phase 2). Pattern match “\\%(?![0-9a-fA-F]{2}|u[0-9a-fA-F]{4})” at ARGS:content. [file “/usr/local/apache/conf/modsec2.user.conf”] [line “23”] [id “950107”] [msg “URL Encoding Abuse Attack Attempt”] [severity “WARNING”] [hostname “abc.domain.com] [uri “/wp-admin/post.php”] [unique_id “Tzt8HdXlY5QAACD1Ef0AAAAI”]

—————————————–

Then check the entry of domain in the “httpd.conf” file

vi /etc/httpd/conf/httpd.conf  —- search for the domain name

You will find codes something like this

———————————————–

ScriptAlias /cgi-bin/ /home/weiworld/public_html/cgi-bin/

Include “/usr/local/apache/conf/userdata/*.conf”
Include “/usr/local/apache/conf/userdata/*.owner-bluewag”
Include “/usr/local/apache/conf/userdata/std/*.conf”
Include “/usr/local/apache/conf/userdata/std/*.owner-bluewag”
Include “/usr/local/apache/conf/userdata/std/2/*.conf”
Include “/usr/local/apache/conf/userdata/std/2/*.owner-bluewag”

———————————————–

just copy the path “/usr/local/apache/conf/userdata/std/2/” to insert mod_ sec rule

Code for mod security rule  to disable particular rule.

<IfModule mod_security2.c>
 <Location “/wp-admin/admin-ajax.php”>
 SecRuleRemoveById 950107
 </Location>
 </IfModule>

Code for mod security rule  to disable for whole domain

<IfModule mod_security2.c>
SecRuleEngine Off
</IfModule>

————————————————

mkdir -p /usr/local/apache/conf/userdata/std/2/cpaneusername/domain.com/

cd /usr/local/apache/conf/userdata/std/2/cpaneusername/domain.com/

Using your favorite Linux Text editor such as pico or vi, add the above  directive(s) in the below file:

[~]# vi allow.conf

<IfModule mod_security2.c>
 <Location “/wp-admin/admin-ajax.php”>
 SecRuleRemoveById 950107
 </Location>
 </IfModule>

Save the file and then run:

/scripts/ensure_vhost_includes –user=USERNAME

Or vi /etc/httpd/conf/httpd.conf  —- search for the domain name

Include “/usr/local/apache/conf/userdata/std/2/*.owner-bluewag”
Include “/usr/local/apache/conf/userdata/std/2/cpaneusername/domain.com/*.conf” —> This is the path added into http.conf

Then you need to restart the HTTPD but before restarting Apache(htttpd) please the Syntax via below command.

[~]# httpd -t

if the syntax is Ok. restart the apache service.

That’s it :D