We got this error fixed. Here are the comments Direct from Cpanel tech support.
QUOTE:
This issue is caused by a combination of Apache Mod Ruid2 with Mod Security rules that use file-backed collections. This happens because Mod Ruid2 causes Mod Security to access /var/cpanel/secdatadir as the account which owns that domain, instead of as the "nobody" user.
We currently have an internal case open on this, FB-160281.
There are a couple of possible work-arounds for this issue:
1) Disable Mod Ruid2 via EasyApache.
OR
2) Disable the specific OWASP ModSecurity rules which use the "ip" collection. The specific ModSecurity rules on your server which use the "ip" collection can be found by searching for any rules that use "setvar:ip", "deprecatevar:ip", or "expirevar:ip" key words.
You can either choose to disable the entire rule-sets which contain more rules than just the ones that are causing the error via WHM >> Home >> Security Center >> ModSecurity Vendors >> Manage Vendors > Edit the OWASP vendor > disable the above config files, OR:
You could disable the specific rule ID numbers which use the "ip" collection via WHM >> Home >> Security Center >> ModSecurity Tools >> Rules List
Cheers!
John Dagelmore wrote:
QUOTE:
No, i don't know what could be the problem in the htaccess but i can suggest the URL to test for the hosting.
The following URL for example in the demo area returns the json informations correctly:
http://demo.storejextensions.org/jsitemap_professional/administrator/index.php?option=com_jmap&task=ajaxserver.display&format=json&data=%7B%22idtask%22%3A%22fetchSeoStats%22%2C%22template%22%3A%22json%22%2C%22param%22%3A%7B%7D%7D
On your site instead is redirected to the frontend home page:
http://www.crystalwind.ca/administrator/index.php?option=com_jmap&task=ajaxserver.display&format=json&data=%7B%22idtask%22%3A%22fetchSeoStats%22%2C%22template%22%3A%22json%22%2C%22param%22%3A%7B%7D%7D
Cheers,
John