Forum Topic: Testing 6G Blacklist/Firewall (beta)

Forum: .htaccess Forum : Security • Posted by Leon Fernandez • Updated:

I tested this firewall on some sites and it works well, although with a WordPress default site there is something strange (version 4.1):

– The design is corrupted, and it forbids the redirection applied when trying to enter wp-admin when logged out, the part where you are redirected to login.

With the exclusion method I narrowed the problem to:

1) It is in the Query Strings restriction area, specifically on the line commented below:

# 6G:[QUERY STRINGS]

<IfModule mod_rewrite.c>
	RewriteCond %{REQUEST_URI} !^/$ [NC]
# 2	RewriteCond %{QUERY_STRING} (mod|path|tag)= [NC,OR]
	RewriteCond %{QUERY_STRING} ([a-zA-Z0-9]{32}) [NC,OR]
	RewriteCond %{QUERY_STRING} (localhost|loopback|127\.0\.0\.1) [NC,OR]
# 1	RewriteCond %{QUERY_STRING} (\?|\.\./|\.|\*|:|;|<|>|'|"|\)|\[|\]|=\\\'$|%0A|%0D|%22|%27|%3C|%3E|%00|%2e%2e) [NC,OR]
	RewriteCond %{QUERY_STRING} (benchmark|boot.ini|cast|declare|drop|echo.*kae|environ|etc/passwd|execute|input_file|insert|md5|mosconfig|scanner|select|set|union|update) [NC]
	RewriteRule .* - [F,L]
</IfModule>

Although I have no idea where exactly the problem is (not able to pinpoint it), any ideas?

2) When the tag option is firewalled it obviously forbids the page if you have tags enabled on the site.

3) It also disables some options in Admin Dashboard, like the Screen Options and Help Menu dropdowns on occasions, as well as expanding and collapsing menus, adding new comments, pages, saving and so on, although I couldn't narrow this exact problem down.
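One way to see which alternative inside a condition rejects a request is to run the patterns outside Apache. The following is an added example, not part of the original post or of the 6G code: it ports the five QUERY_STRING conditions (with the lines marked # 1 and # 2 restored) to Python and reports the substring each one matches. The request paths and query strings are constructed samples in the style of a WordPress 4.1 site, the labels and function name are hypothetical, and it assumes Python's `re` behaves like Apache's regex engine for these patterns.

```python
import re

# The five QUERY_STRING patterns from the block above, with the two lines the
# poster commented out ("# 2", "# 1") restored. [NC] maps to re.IGNORECASE.
# Labels are hypothetical names used only for reporting.
CONDS = [
    ("mod|path|tag", r"(mod|path|tag)="),
    ("32-alnum", r"([a-zA-Z0-9]{32})"),
    ("loopback", r"(localhost|loopback|127\.0\.0\.1)"),
    ("special-chars", r"""(\?|\.\./|\.|\*|:|;|<|>|'|"|\)|\[|\]|=\\\'$|%0A|%0D|%22|%27|%3C|%3E|%00|%2e%2e)"""),
    ("keywords", r"(benchmark|boot.ini|cast|declare|drop|echo.*kae|environ|etc/passwd|execute|input_file|insert|md5|mosconfig|scanner|select|set|union|update)"),
]


def blocked_by(request_uri, query_string):
    """Return [(label, matched_text)] for every condition that would fire."""
    # First RewriteCond: requests for the bare root path "/" skip the rule.
    # REQUEST_URI is the path only; QUERY_STRING is the raw, undecoded string.
    if re.search(r"^/$", request_uri, re.IGNORECASE):
        return []
    hits = []
    for label, pattern in CONDS:
        m = re.search(pattern, query_string, re.IGNORECASE)
        if m:
            hits.append((label, m.group(0)))
    return hits


# Constructed samples in the style of a WordPress 4.1 site (assumptions).
SAMPLES = [
    ("/wp-login.php", "redirect_to=http%3A%2F%2Fexample.com%2Fwp-admin%2F&reauth=1"),
    ("/wp-content/themes/twentyfifteen/style.css", "ver=4.1"),
    ("/blog/", "tag=news"),
    ("/", "tag=news"),
    ("/wp-admin/options-general.php", "settings-updated=true"),
    ("/wp-admin/edit.php", "post_type=page"),
]

if __name__ == "__main__":
    for uri, qs in SAMPLES:
        hits = blocked_by(uri, qs)
        verdict = "403" if hits else "pass"
        print(f"{verdict:4} {uri}?{qs}  {hits}")
```

On these samples the `\.` alternative in the line marked # 1 matches any literal dot, including the one in `ver=4.1` and in the encoded redirect host, and the `set` keyword matches inside `settings-updated`.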

2 Replies to “Testing 6G Blacklist/Firewall (beta)”

Posted by Jeff Starr

Hi Leon, the 6G is very much beta and I haven’t had time to work on it for the last several updates of WordPress. I recommend for now to just stick with 5G, as it may be a while before I make it back to 6G.

Posted by Leon Fernandez •

Ok, gotcha.