I am running modsecurity on Ubuntu server. I have followed the modsec tutorial step by step.
However when entering https://yourdomain.com/?id=3 or 'a'='a'
into my web browser, it redirects to the following page (which ends up being the site homepage, not a 404 error page):
https://yourdomain.com/?id=3%20or%20%27a%27%3D%27a%27
This is not the same as in the example which is:
https://yourdomain.com/?id=3%20or%20%27a%27=%27a%27
How can I correct this?