Hi guys. 

I've found a few old posts about mod_security, but nothing which answers this question, so here goes.

I have twice been blocked by the mod_security on my server, when entering new fields for a custom content type. 

On the first occasion I was entering an sql string to define a "select dynamic", and assumed that mod_security had simply misinterpreted it. I solved the problem by entering the sql directly into the relevant field using phpmyadmin. This worked fine. 

On the second occasion, I was entering text into the wysiwyg editor for a "free text" field, and I happened to write the following, without thinking anything of it:

"Select tags from the list, or create a new one by typing in the box, and pressing <strong>enter</strong>." 

Note how the sentence starts! 

Does this just happen to match a pattern mod_security is looking for, or is it something to do with Seblod - if so, how do I fix it?

I'm developing a site to list various vendors, and don't want people getting blocked if they were to enter "Select dishes from my delicious fresh menu", for example, from the frontend.

The sql which caused the problem the first time was:

select id as value, path, concat(repeat('+', length(path)-length(replace(path,'/','')) -1), title) as text from #__categories where path like 'supplier-cat/%' order by path asc 

But this simplified version worked ok:

select id as value, path, title as text from #__categories where path like 'supplier-cat%' order by path asc 

The people running the server insist that all their settings are just fine, and can't be changed, since it's a shared server. 

Thanks in advance for any ideas.