It is fixed now. Here is what happened... I have been repeatedly getting locked out of my Joomla site by Rochen when using BF. They made a tweak to help with the issue and this was the source of the problem.
Response... I see you've been triggering a mod_security rule. I've disabled the rule in question on xxxx.com. Can you please confirm if this has changed the result? Thank you.
It still appears that using BF periodically triggers some sort of a security issue on my host and I don't understand why. It seems to occur when we are setting up a lot of forms and we always use webhooks. Now I'm guessing that something about the webhook implementation looks like an attack of some sort. I'd welcome any ideas if you have any regarding correcting this.
yeah, I was thinking it would be something like this. To be honest, first time I hear a hosting company was willing to adjust/remove the affected mod_security rule.
The problem with these rules is that they are usually custom-made so it is hard for me to find out which of the parameters look suspicious.
Some mod_security setups will then fire, thinking a XSS attack has been passed.
I also had a case where the name of the parameter caused a rejection. Namely the "act" parameter as it was used in some other, BF and Joomla unrelated attack vector that they were simply looking for and then halting the request.