BIG-IP false SQL injection alarm when trying to update a Wordpress page
Hi all, first of all, I am not sure if I ask this question in the right forum. Please direct me to the right one if this is not the place to ask this question.
I host my Wordpress-based website with a hosting provider that uses F5 BIG-IP for web application firewall and I have a regular false alarm when trying to update a page through Wordpress admin. The firewall detects an SQL injection on certain pages. On a certain page where alarm was triggered, I tried to nail down which word/characters that caused that. It turned out to be a ")" character. But using this character in other part of page content will not trigger anything and update went successfully.
My hosting provider could not provide any suggestion other than asking me whether I would like to disable the rule and allow it to pass. I am not comfortable to disable the rule since I don't know yet what actually triggered this.
Any suggestion or hint on how to find out what exactly caused this? Thank you.