Well, welcome. Feel free to mark posting as 'useful' ... another way of saying 'thanks' for some of us.
Mod Security is the culprit. Look at your servers raw error logs. Evidently, the access to that portion of Moodle code triggers a mod security rule. Mod Security blocks and returns to the browser an error 408 or whatever that rule is programmed to return.
There should also be some sort of logging for mod security ... where one can see the rule number. And, thus, be able to use a new rule for 'moodle/lib/ajax' as OK and not a security issue to block.
Since you have WordPress ... are you keeping it up to date I hope!!! Being the most used CMS it's also the most attacked.
A security hole in WP could allow something malicious or undesired in a directory of Moodle. Now a days many hackers are not after defacing anything and they try to cover their tracks. What they are after is to make your server part of a bot network, etc.
.htaccess files 'cost' ... server has to check for those and do/don't do whatever. So me thinks best to find a way to fix via mod security.
Internet never was a 'friendly place'. :|
'spirit of sharing', Ken