Solved: Drupal 7 incompatibility with mod_security regarding jquery.cookie.js file.


With Drupal 7, it might happen that we are working on configuring and customizing Drupal and suddenly our website stops responding.

We might think there could be an issue with the Internet connectivity. But we observe that all the other websites are responding fine.

So we log a ticket into your host to find out the following response from them:
Your ip was blocked in the firewall due to the mod security we provide you the logs so you need to consult with your programmer.

2012-07-09 ***** /misc/jquery.cookie.js ***** Access denied with code 406 (phase 2). Pattern match “(?:\\b(?:(?:type\\b\\W*?\\b(?:text\\b\\W*?\\b(?:j(?:ava)?|ecma|vb)|application\\b\\W*?

Confused! From this, we can only realize that we are not allowed to access our own website because we are probably trying to hack our own website.

Jokes apart, following conclusions can be drawn from the above message:
1) Our IP is blocked and no further requests can be served from the current IP address.
(We may probably disconnect from the Internet and reconnect to get a new IP which may start working only to find out that new IP is also blocked after a few requests)

2) Something has got to do with ‘mod_security’.

3) Something has probably got to do with the file ‘jquery.cookie.js’.

If we aggregate all these findings, then we come to know that there is some compatibility issue of Drupal 7 with Apache module ‘mod_security’ regarding the presence of word ‘cookie’ in filename ‘jquery.cookie.js’.

Either of the following 2 steps can be taken to overcome this problem:

1) Request your hosting provider to disable mod_security for your website / domain.

2) If Step-1 is not in your control, then login into Drupal as administrator. Go to ‘Configuration -> Performance’ option.
Check the checkbox ‘Aggregate JavaScript files’ and click on button ‘Save configuration’.

Hope these steps help you to solve this issue.

Other References: