You are correct > this is a false positive. One or more of the POST Requests that were blocked and logged in the BPS Security log file contains text that matches a malicious code pattern. The Security Log file is a plain text file with only text in it so nothing in the text file is a threat. If you want to prevent this false positive in the future you can change this Security Log setting > POST Request Body Data > to > Do Not Log POST Request Body Data (0KB)