ModSecurity – modsec2 Rule 959004 – Customers just gets block strange

The problem at the moment Customers gets blocked just by going to BlogLines.co.za

I then added the rule 959004 to the global white list and now customer and me can log back on to my site.

modsec2 WordPress 3.3.1 ? Any bugs were customer get blocked by rule 959004

[Wed Jan 04 21:24:48 2012] [error] [client 197.175.234.133] ModSecurity: Access denied with code 406 (phase 2). Pattern match “(?:\\b(?:slight_frown:?:type\\b\\W*?\\b(?:text\\b\\W*?\\b(?:j(?:ava)?|ecma|vb)|application\\b\\W*?\\bx-(?:java|vb))script|c(?:opyparentfolder|reatetextrange)|get(?:special|parent)folder|iframe\\b.{0,100}?\\bsrc)\\b|on(?:slight_frown:?:mo(?:use(?:o(?:ver|ut)|down|move|up)|ve)| …” at REQUEST_HEADERS:Cookie. [file “/usr/local/apache/conf/modsec2.user.conf”] [line “122”] [id “959004”] [msg “Cross-site Scripting (XSS) Attack”] [data “<script”] [severity “CRITICAL”] [tag “WEB_ATTACK/XSS”] [hostname “bloglines.co.za”] [uri “/wp-admin/”] [unique_id “TwSngK3Bn2IAAFpTbxsAAAAA”]