In version 5, we add a function to allow you to add the custom string / key / signature into the whitelisted keys pool in order to avoid false alerts. Here is an example:
The following attack triggers the 20% chr signature in Layer 1 protection, and it is obvious that the alert is a false alert.
What we need to do is to add a whitelist signature into the whitelist pool. Please go to OSE Anti-Hacker --> Whitelist keys --> Add Whitelist Key, as shown below:
In this example, we should add '%20Christopher' into the whitelist pool, save it:
That's it, this URL will be ignored in Layer 1 protection if %20chr is found, but other signatures will still be effective while Layer 2 protectio is still turned ON, so your server is safe even if this key is whitelisted.