How to still get alerts from an allowed JSON profile?

I have a configuration similar to below in ASM v12, and would like to be able to still get an alert when the exact attack signature would be met:

 

/allowed/url.html with header based JSON profile "allow SQL signature X"

 

This "SQL signature X" is in blocking for the rest of the site, but I would still like to get an alert if it is seen on the /allowed/url.html

 

Is it possible for that to happen, or since it is in the allowed url in the JSON profile is that not an option? Thanks!