This section provides an extra level of protection. With this option enabled, plugin will look for strings of most common attacks. If the present number of suspicious words is equal to or greater than 3, the plugin will block the request. We can modify this limit to adapt it to our requeriments.
An example of the suspicious words included in the check are: "drop","admin","select",$dbprefix,"user","password","concat","login", "load_file","ascii","char","union","from", … Each of these words separately indicates nothing, but together they may indicate an attack not included in our filters. We can add or delete words of this list to adapt it to our requeriments.
If this option is enabled we can notice an increase in false positives.