SEO & URLs Forbidden message on save

[mak]

As the title states, I get a "Forbidden - You don't have permission to access /thirtybees/admin/index.php" on this server. Under Backoffice -> Preferences -> SEO & URLs -> I can click save on the last 3 options (schema of urls, general, and .htaccess file) and it gives me that message. I have tried changing the file and folder to 777 and still same problem. My hosting is through nexcess and I have the default .htaccess file from the install. How do I get this to let me add the .html under schema of urls?

[lesley]

It sounds like mod_security is being activated on your server. Ask your host to white list the rule that is being triggered.

[mak]

Thanks for the help; I have contacted nexcess to see if they can allow my IP; but why would it cause this error to begin with? Is there something that needs to be fixed in the code?

[Wed Aug 16 22:14:32 2017] [error] [client **.***.***.*** ModSecurity: Access denied with code 403 (phase 2). String match "on" at TX:sqlinjectionscoreblocking. [file "/etc/httpd/modsecurity.d/modsecuritycrs49inboundblocking.conf"] [line "87"] [id "4049002"] [msg "SQL Injection Detected (score 26/15)"] [severity "CRITICAL"] [hostname "mydomain.com"] [uri "/thirtybees/admin/index.php"] [uniqueid "WZT8B9F@ECgAAIsdFyIAAAAK"]