Hello Hansoo,
As I stated, on the phone, I apologize for the inconvenience and problems this ModSecurity update caused you. We did make the exceptions you requested.
To answer your question as to how we can make changes to your dedicated servers without notifying you, you purchased a managed server, meaning you wanted us to take care of all the server-side details, including security. If you had not wanted us to take care of these things for you, you would have purchased an unmanaged server. As part of preserving server security, we implement ModSecurity rules, which do change and update, as new threats are discovered. If websites trigger these rules, once we have been notified, we evaluate what is triggering the rule, and what the rule is meant to block. In some instances, we make exceptions to these rules, on a per-directory basis, so as to minimize the threat to the account.
In this instance, the rule was blocking the base64 strings being included in your URLs. The reason for this is that it is very simple for a hacker to to encode a malicious set of instructions in base64 and pass them to one of your pages, causing that site to execute whatever is in the base64 string, whether that is to upload a shell, one of the most common, or to initiate an attack on another site, also very common, or to start sending spam, and you would have no control to stop them, as the door was already open for them.
This issue did not come to light on the older, Site Manager, system because we left more of the security to you, the client. In the newer, cPanel platform, however, we have taken on more of the security aspect of the accounts. We apologize for any frustration this may cause. Ultimately, we have seen a large decrease in hacked sites and accounts since taking this on, indicating, to us, that what we are doing is working, and is worth whatever other usability issues may arise.
I hope this answers your questions and resolves some of your concerns. If you have any other questions or concerns, please feel free to respond to your ticket and I will be more than happy to address them.