admin-plugins author calendar category facebook post rss search twitter star star-half star-empty

Tidy Repo

The best & most reliable WordPress plugins

How to Fix a 406 Error and Find the Source of the Problem

How to Fix a 406 Error and Find the Source of the Problem

Ethan Martinez

September 10, 2025

Blog

Encountering a 406 Not Acceptable error on your website or application can be both frustrating and alarming. This HTTP response status code indicates that the server cannot generate a response that’s acceptable to the client, typically due to issues with the Accept headers sent in the request. Unlike more common errors like 404 or 500, the 406 error isn’t always straightforward to troubleshoot, making it essential to understand the mechanisms behind it and how to effectively diagnose and fix the issue.

What Does a 406 Error Mean?

A 406 Error is returned when the server is unable to respond with any content that is acceptable according to the Accept headers sent by the client. These headers include:

  • Accept: specifies media types (e.g., text/html, application/json)
  • Accept-Language: preferred languages (e.g., en-US, fr-FR)
  • Accept-Encoding: acceptable encodings (e.g., gzip, deflate)
  • Accept-Charset: acceptable character sets (e.g., utf-8)

If the server cannot serve content that satisfies these conditions, it will return a 406 status. This typically occurs when the server’s configuration doesn’t offer an acceptable representation, or the client’s headers are too restrictive or malformed.

Common Scenarios Leading to a 406 Error

Before diving into the steps to resolve a 406 error, it’s helpful to look at situations where these errors are most likely to occur:

  1. APIs that expect specific Accept headers but receive incompatible ones
  2. Web applications with legacy servers that strictly enforce Accept headers
  3. Browser plugins or extensions that modify outgoing request headers
  4. Security filters or WAF (Web Application Firewall) rules that block certain content responses

How to Fix a 406 Error: Step-by-Step Guide

Troubleshooting a 406 error involves both examining the client request and reviewing the server settings. Below is a comprehensive step-by-step guide.

1. Check the Request Headers

The client (often a browser or API consumer) sends request headers indicating what kind of responses it can handle. Examine these headers:

Accept: application/json
Accept-Language: en-US
Accept-Encoding: gzip, deflate
Accept-Charset: utf-8

If the values are too restrictive, the server may not have a compatible response format. You can use browser developer tools (or tools like curl or Postman) to inspect these headers.

2. Modify the Client’s Request

Once you’ve identified problematic headers, attempt to modify or simplify them:

  • Change Accept to a wildcard (e.g. Accept: */*) to allow all content types
  • Remove non-essential headers like Accept-Charset if they’re causing issues

If you’re working with an API client, changing these headers should be straightforward. For web browsers, try a different browser or disable extensions.

3. Review Server Configuration

The server must be capable of returning responses in the requested format. On Apache or Nginx servers, configuration files like .htaccess, httpd.conf or nginx.conf can influence content negotiation.

Check for Explict Content Negotiation settings:

  • Apache: Look for mod_negotiation configurations or directives such as Multiviews
  • Nginx: Evaluate the types and default_type directives

Also, verify that the MIME types and encodings being requested are actually supported by the server.

4. Examine Security and Mod_Security Rules

Many web hosts use Mod_Security or similar Web Application Firewalls that enforce strict rules to block suspicious or complex HTTP requests. These rules can inadvertently block valid requests if they are seen as malformed or “suspicious.”

Here’s how to check:

  1. Access server logs (e.g., error_log or modsec_audit.log)
  2. Look for entries containing “406” or rule violations
  3. Temporarily disable suspicious rules or whitelisting specific headers

Ensure you understand the implications before modifying or disabling security rules since doing so may expose your application to other vulnerabilities.

5. Test With Different Clients

Sometimes, particular clients or devices may send default headers that aren’t compatible. Test your application or endpoint using tools like:

  • Postman: Customize headers to isolate the issue
  • curl: Helps identify exactly what’s being requested and received
curl -H "Accept: application/json" https://yourdomain.com/api/endpoint

If the problem persists even with simplified headers, the issue likely lies with the server.

6. Disable Content Negotiation (If Safe)

If content negotiation isn’t crucial for your application, consider disabling it to prevent 406 errors from arising. For example, in Apache, disabling MultiViews can help:

Options -MultiViews

This avoids automatic attempts at resolving content based on Accept headers and defaults to a static response.

7. Set Fallback Response Types

Implementing fallback mechanisms allows your server to return default content types when an exact match isn’t found. This is particularly useful in APIs:

if ($accept_header == "application/xml") {
    return xml_response;
} else {
    return json_response; // fallback
}

This improves compatibility, especially with newer client applications.

Best Practices to Prevent 406 Errors

Prevention is key when it comes to minimizing the chance of encountering 406 errors. Here are several strategies you can implement:

  • Implement broad Accept values: Avoid being too restrictive with content expectations
  • Test with real-world clients: Real user conditions may differ from development environments
  • Enable logging and monitor regularly: Quickly detect and resolve header-related issues
  • Document your API preferences clearly: Let API consumers know what content types are supported
  • Simulate common browsers and user agents during testing to catch quirks

When to Contact Your Hosting Provider

If none of the above actions resolve the issue, especially if you’re on a shared hosting plan, your provider may be enforcing certain server-level restrictions or Mod_Security rules without your direct visibility. In such cases:

  • Explain the issue in detail (including specific URLs or APIs)
  • Share relevant logs or error messages
  • Request verification of server modules handling Accept headers

Most hosting companies will be able to check firewall rules, MIME configurations, and content negotiation modules on your behalf.

Conclusion

A 406 Not Acceptable error is a signal that something in the content negotiation between your client and server has gone awry. Whether the problem originates from overly restrictive client headers, server misconfiguration, or middleware like security filters, resolving it requires a methodical approach.

Start by analyzing and simplifying the request, dig into server logs, and make necessary configuration adjustments. With attention to detail and a structured debugging strategy, a 406 error can be resolved efficiently, restoring full functionality to your content or application.