[eluser]johnwbaxter[/eluser]
Then paypal will be blocked from accessing your ipn function.
If i knew mod_security better (or at all) then i would tell you how to create a rule to exclude paypal from it's ruthlessness.
But i don't.
So, you can create a .htaccess file and add this to the top of it (which will admittedly stop mod_sec working for the whole site)
SecFilterEngine off
I know people might say 'whats the point in having mod_security then' and i'd have to agree, but at least for the short term you can get paypal working properly.
Of course if anyone with mod_sec kung fu skills can shed any light on how to write a rule for it to allow paypal through that would be cool.