I installed “Pretty Links” plugin in WordPress to manage my affiliate links and simply the REQUEST-920-PROTOCOL-ENFORCEMENT blocks some of them and gives error 403 when it is activated. How to get around this in the best way? What are the main risks that I can have by simply keeping this module disabled?
Create mod security rule for that site to allow that plugin do its thing. That way rule allow only that plugin bypass modsecurity. You can try use chat GPT to create that rule.
The problem is not related to the plugin, but related to the REQUEST-920-PROTOCOL-ENFORCEMENT that identifies redirects like “website.com/go/google.com” as being invalid because it interprets the TDL .com as being the extension of a file. I solved it by modifying the redirect by removing the dot(“website.com/go/googlecom”) and everything worked.