Blocked by server

[frontside]

Hi I am currently being blocked by my server due to this issue:

2013-06-07 15:57:52 2.27.177.186 /wp/wp-content/themes/flexform/includes/plugins/love-it-pro/includes/js/jquery.cookie.js HTTP/1.1 frontsidestudio.co.uk Access denied with code 406 (phase 2). Pattern match “(?:\b(?:(?:type\b\W*?\b(?:text\b\W*?\b(?:j(?:ava)?|ecma|vb)|application\b\W*?\bx-(?:java|vb))script|c(?:opyparentfolder|reatetextrange)|get(?:special|parent)folder|iframe\b.{0,100}?\bsrc)\b|on(?:(?:mo(?:use(?:o(?:ver|ut)|down|move|up)|ve)| …” at REQUEST_FILENAME. [file “/usr/local/apache/conf/modsec2.user.conf”] [line “112”] [id “950004”] [msg “Cross-site Scripting (XSS) Attack”] [data “.cookie”] [severity “CRITICAL”] [tag “WEB_ATTACK/XSS”] 406

What can I do to stop this happening.

Cheers
Wes

[frontside]

To add to this I have this message from my host supplier:

“Unfortunately as this theme uses Cross-site scripting, it would be a security risk to enable it.”

Do I need a new host or is there a solution? Changing hosts would be a hassle. I look forward to your feedback.

Cheers
Wes

[Ben – SUPPORT]

Well I can’t see there being an issue with you enabling it, so you can always just say that it’s trusted by thousands so please allow it or yes go to another host, there is quite a lot out there. Depending on what you need I can suggest you some

Thanks
Ben

[frontside]

Thanks Ben,

The host has agreed to go ahead and change their settings for me so this issue is now resolved.

Cheers
Wes