I have introduced modsecurity to protect a wordpress site, but I have no clue on the modsecurity rule language. Setup so far has gone fairly OK, the problem I am facing is that multiple rules are firing when a form is submitted (trying PL 3). Having a chat with GPT it offers a solution that looks fine in theory but won’t work.
System is on latest nginx, modsecurity and OWASP is also up to date.
The analysis is as following: