Is there a security option on Linux servers that stops the submission of certain HTML tags in forms

One of our client’s websites has started showing some strange behaviour. When a <form> tag is submitted on a form, the POST method seems to refuse to accept it. It produces the following error…

You don’t have permission to access this resource.

At first I thought it might have something to do with the TinyMCE editor on the form, but when I use non-accepted tags within TinyMCE it simply converts them to <p> tags. Also, if it was a TinyMCE issue that wouldn’t explain why this change suddenly happened recently.

We also have a duplicate of this site running on our local server here, and it works fine.

Is this something that a mod_security update may have caused?

If anyone has any ideas that would be much appreciated.


I ran phpinfo(); and there was no mention of mod_security. I also tried adding the following in my .htaccess file as recommended by several people in this SO question…

<IfModule mod_security.c>
  SecFilterEngine Off
  SecFilterScanPOST Off

… but it didn’t have any effect, which isn’t surprising since mod_security doesn’t seem to be turned on.