Hi there,
I don't have much knowledge of servers but am very willing to learn. Recently our server manager installed a firewall and changed the mod_security on the server. I have had a lot of comments from our hosted clients that they cannot access their websites, though we can see them here. I have a lot of alerts coming into our alert mailbox and they are like this:
----
Time: Thu May 22 21:55:47 2008
IP: 74.224.47.210 (adsl-224-47-210.asm.bellsouth.net)
Failures: 5 (mod_security)
Interval: 50 seconds
Blocked: Yes
Log entries:
[Thu May 22 21:55:00 2008] [error] [client 74.224.47.210] ModSecurity: Access denied with code 406 (phase 2). Pattern match "(?:\\\\b(?:\\\\.(?:ht(?:access|passwd|group)|www_?acl)|global\\\\.asa|httpd\\\\.conf|boot\\\\.ini)\\\\b|\\\\/etc\\\\/)" at REQUEST_FILENAME. [id "950005"] [msg "Remote File Access Attempt. Matched signature </etc/>"] [severity "CRITICAL"] [hostname "clientwebsite.com"] [uri "/1/components/com_zoom/etc/zoom.css"] [unique_id "HiWwxkMTDJoAAHZhf5YAAAAG"]
-------
How can this be corrected or what could the problem be? We decided to harden our server security when we realised someone was hacking into our WHMCS.
Another colleague of ours in Europe got this message:
--- Unknown Host
------------------------------------------------------------------------
* Description: Unable to locate the server named "/www.progressiveatlanta.com/" --- the server does not have a DNS entry.
Perhaps there is a misspelling in the server name, or the server no longer exists. Double-check the name and try again.
*
--
THANKS FOR ANY ADVICE!!
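
An added example (not part of the original post): a small Python script that parses the ModSecurity alert quoted above and reports which part of the request path rule 950005 matched. It assumes the repeated backslashes in the logged pattern are escaping from logging and pasting, and it approximates REQUEST_FILENAME as the URI without its query string; the function names are illustrative.

```python
import re

# The alert line from the post, as logged (constructed copy, unique_id omitted).
LOG_LINE = (
    r'[Thu May 22 21:55:00 2008] [error] [client 74.224.47.210] ModSecurity: '
    r'Access denied with code 406 (phase 2). Pattern match '
    r'"(?:\\\\b(?:\\\\.(?:ht(?:access|passwd|group)|www_?acl)|global\\\\.asa|'
    r'httpd\\\\.conf|boot\\\\.ini)\\\\b|\\\\/etc\\\\/)" at REQUEST_FILENAME. '
    r'[id "950005"] [msg "Remote File Access Attempt. Matched signature </etc/>"] '
    r'[severity "CRITICAL"] [hostname "clientwebsite.com"] '
    r'[uri "/1/components/com_zoom/etc/zoom.css"]'
)


def first_match(pattern, path):
    """Return (matched_text, offset) for the first hit of pattern in path, or None."""
    m = re.search(pattern, path)
    return (m.group(0), m.start()) if m else None


def explain_alert(line):
    """Pull the rule id, client, pattern and URI out of one ModSecurity alert
    and report which part of the request path triggered the rule."""
    tags = dict(re.findall(r'\[(\w+) "([^"]*)"\]', line))
    client = re.search(r'\[client ([^\]]+)\]', line).group(1)
    logged, target = re.search(r'Pattern match "(.*)" at (\w+)\.', line).groups()
    # Assumption: runs of backslashes are escaping added when the line was
    # logged and pasted, so each run stands for one backslash in the rule.
    pattern = re.sub(r'\\+', r'\\', logged)
    # Approximation of REQUEST_FILENAME: the URI without its query string.
    path = tags["uri"].split("?", 1)[0]
    hit = first_match(pattern, path)
    return {
        "rule_id": tags["id"], "client": client, "target": target,
        "pattern": pattern, "path": path,
        "matched": hit[0] if hit else None,
        "offset": hit[1] if hit else None,
    }


if __name__ == "__main__":
    info = explain_alert(LOG_LINE)
    print("rule", info["rule_id"], "fired for client", info["client"])
    print("checked", info["target"], "=", info["path"])
    print("matched", repr(info["matched"]), "at offset", info["offset"])
```

For this alert the match is the directory name `etc` in the path to the com_zoom stylesheet, and the alert mail shows the client IP was blocked after 5 such failures within 50 seconds.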