Mod_security is an Apache module that helps to protect your website from various attacks. mod_security has certain rules for the words "pattern" used in requested URL's. If any pattern match with the requested URL under your site mod_security false positive and deny the access to it. Many people are experiencing problems because of this. Problems include "406 Not Acceptable error", 403", "500", "501 Method Not Implemented" or access denied errors (forbidden access), login problems, and similar. For the reason of misconfigured mod_security users may also have issues adding resources or HTML resources to the Media Library
Ask your hosting support to disable individual mod_security rules or try to disable it manually. We strongly recommend you contact your hosting provider and work with them to resolve the server module issue.
Try adding this in a .htaccess file. Note: Most of the shared hosting providers do not allow this