In the plugins description under the firewall functionality you say
"Protect against Cross Site Scripting (XSS) by activating the comprehensive advanced character string filter. or malicious bots who do not have a special cookie in their browser. You (the site admin) will know how to set this special cookie and be able to log into your site."
I have activated the XSS firewall functionality under advanced firewall settings as well.
Please assist me to figure out this issue.