My bets are on mod_security as well. Ask the hosting company if they can send you the raw Apache logs. see also http://wiki.modxcms.com/index.php/What_is_mod_security_and_how_does_it_affect_me + http://modxcms.com/forums/index.php?topic=29067.0