When we implemented ModSecurity™ Tools with vendor OWASP ModSecurity Core Rule Set, OpenCart site displayed strange behavior.
We had to disable three of the 21+ core rules to make our OpenCart site act and preform normal again. Below are the three rules we had to disable.
Hope this helps others who may have a VPS/server that has implemented ModSecurity™ Tools for Cpanel/WHM..
Rules we had to disable
rules/REQUEST-33-APPLICATION-ATTACK-PHP.conf
rules/REQUEST-41-APPLICATION-ATTACK-XSS.conf
rules/REQUEST-42-APPLICATION-ATTACK-SQLI.conf