Your hosts have caused this problem by some custom rule they have added to mod_security on their web server.
The web server error log (not the phpBB log) should contain an entry every time this rule is triggered.
You can add the specified lines to either of those .htaccess files.
The first will turn it off for your entire website, the second only for phpBB.
It would be useful to be able to keep mod_security enabled, but that is only an option if you can identify the faulty rule they have added, and they agree to fix it.