I authored a Relaxation-ful API using Free Of Fat Framework in PHP, and am creating a call using backbone.js. After I try to save a brand new Orders model my application constitutes a PUT request, and also the server spits back a 406 error.

Request Method:PUT
Status Code:406 Not Acceptable

Request Headers
Accept:application/json, text/javascript, */*; q=0.01
Cookie:__utma=239804689.76636928.1286699220.1305666110.1325104376.94; __utmz=239804689.1325104376.94.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=935d2632fd0d12a1a0df4cb0f392eb5e

Request Payload

Response Headers
Content-Type:text/html; charset=iso-8859-1
Date:Sun, 15 Jan 2012 00:46:37 GMT
Keep-Alive:timeout=5, max=98

My .htaccess file appears like this:

# Enable rewrite engine and route requests to framework
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-l
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule .* index.php [L,QSA]

# Disable ETags
<IfModule mod_headers.c>
    Header Unset ETag
    FileETag none

# Default expires header if none specified (stay in browser cache for 7 days)
<IfModule mod_expires.c>
    ExpiresActive On
    ExpiresDefault A604800

<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off

This site application works fine on my small local server and just performs this on my small web server. Any ideas what's going wrong?

I emerged having a workaround.

My believe my server is applying mod_security2 to bar PUT and Remove demands. I'm waiting to listen to back from their store, and mod_security2 can not be disabled inshtaccess files so there is nothing I'm able to do.

Using "Script PUT /filename" within the .htaccess file was leading to a 500 error: "Script not permitted here", I don't know why, however i made the decision not to cope with getting my hosting company reconfigured to deal with PUT and Remove.

To help keep my API Relaxation-ful, I left within the normal handling of PUT and Remove, and added this towards the Publish handling:

function post() {
    //if Backbone.emulateHTTP is true, emulate PUT
    $data = json_decode(F3::get('REQBODY'), true);
    if ($type == 'PUT') {
    if ($type == 'DELETE') {

    //handle normal POST here

Should you set Backbone.emulateHTTP = true it keeps the request method as Publish and transmits the X-HTTP-Method-Override as PUT or Remove.

I love this because I'm able to keep my Relaxation-ful implementation intact, and merely comment the emulateHTTP code when ever I publish to my webserver.