False positive id 217280 in WordPress admin

I get a 403 error when attempting to update the definition of a contact form in WordPress.
The error seems to be related to the inclusion of the word ‘head’ at the start of a line of text of the form.
For example, the text “head and shoulders photo” results in an error whereas “shoulders and head photo” does not.

I have attached an image of the error log

My hosting provider is unhelpful and claims it is a fault in WordPress and the solution is to avoid any text which might result in an error.

What I am really seeking is an explanation of what this particular rule is protecting against, why it should be triggered in this particular case and whether there is a straightforward way of bypassing the problem.



Hi andypatnz.

Please provide full modsecurity audit log for this event.

Hi SergeIP

I went back to my hosting provider who says that the only log he is aware of is the one which I have attached.
Is there anything I can tell him that will enable him to locate the audit log to which you are referring.


Hello Andy.
You should report about False Positives here:
When you report abou FP you should provide information described:

Please share information about webserver (name, version), WordPress, WP plugin and rules version.