@Wise

I am sorry for the delay to answer you back and I thank you so much for your valuable help. It works!.

The solution you provided fixed my problem with mod_sec.

The modsec rule #943110 which contains the 'SessionID' was blocking the webhook API request from Stripe which also has a 'sessionid' in the url parameter as you can see in the url i shared in the post above.

So, a Modsec exception needed to be added.

Instead of executing command lines using SSH (which can also be done), I added that exception rule through WHM > 'ModSecurity Tools' > Rules List > Add Rule. It was more convenient.

Also, instead of using the modsec operator: 'beginsWith' as per your suggestion like this: (which works perfectly)

SecRule REQUEST_URI "@beginsWith /m/payment" "phase:1,id:123456,allow"

I used the operator: 'contains' like this:

SecRule REQUEST_URI "@contains /m/payment" "phase:1,id:123456,allow"

The reason is because I also have some UNA dev (test) websites installed in subdirectories. The modsec operator 'contains' will also add that exception to urls like this: e.g: mysite[dot]com/subdirectory/m/payment ...

Once again, thanks a lot for helping.