security assist rules with multiple conditions only need one condition to pass to be considered success ful.
if you need all try conditions to pass, you should create 3 separate rules and modify the page access code to use each one:
<?php
if (!WA_Auth_RulePasses("Rule 1") && !WA_Auth_RulePasses("Rule 2") && !WA_Auth_RulePasses("Rule 3")){
WA_Auth_RestrictAccess("login.php");
}
?>