I have tried using Modsec with the OWASP Rules pack, but it seems to break my WordPress website. However, once I turned it off, My websites started getting attacked, with the server hitting 100% almost every day.
Can someone please tell me which rules I should enable from this pack in order to stop bruteforce attacks and other very important things?
Thanks!