Are you actually using the ModSecurity (mod_security
) application firewall module? (That's what the tag indicates, but...?)
If so -- or in any case -- first rule out the simpler problem: Review your host's httpd-error.log
(or similarly named) log file, and make sure that your situation is not due to an Apache auth misconfiguration or related problem. E.g. you might see authentication failure for "/": Password Mismatch
(or for whatever path in your case). There is a good amount of advice on SO if you search on htaccess
and htpassword
, or look at posts tagged with .htaccess, htpasswd, or authentication.
If you're using Apache httpd version 2.4.4, note that there is a known bug in the htpasswd
utility released with it. See this SO answer elsewhere for workarounds relative to it.
Good luck!