Well, that would work, under normal circumstances. However, that doesn’t seem to be a valid configuration directive in Mod_security 2.1 (which is what I’ve discovered my hoster is running).
Also I’ve found out that mod_security2 doesn’t respond well to .htaccess; it seems they’ve removed that functionality:
https://article.gmane.org/gmane.comp.apache.mod-security.user/3065
So, there’s not much for me to do than to downgrade back to 2.1.3 until WordPress figures out things.
