Hi, I just received a notification of a something HideMyWp blocked. I’ve had a sneaking suspicion that it has been blocking people from filling out forms and sending them to me. After my first inquiry with you I took your advice to disable the honeypot spam on settings and boost the threshold to 40. Since then I have gotten many intrusion notifications but this one is clearly someone trying to fill out a form. It is in the contact page and this was the notification I got:

IP: 76.167.180.175
User ID:
Date: 2016-07-04T18:58:58+00:00
Total Impact: 68
Affected tags: sqli id lfi xss csrf rfe

Affected parameters: REQUEST.input_4=I+don%26%23039%3Bt+have+much+experience+with+Karate+%3A+Judo+%2Cetc+but+I+wrestled+for+4+years+%26amp%3B+qualified+for+state+2x+%26amp%3B+was+ranked+number+one+in+the+County+for+my+weigh+class+my+Senior+year.+I+do+have+some+experience+in+Greco+Freestyle.+%0D%0A%0D%0A, REQUEST.state_1=WyJbXSIsIjBiNTRhMDk1NTRmNTA2MTNiYmJmYzU0M2EyZTIyYjk4Il0%3D, POST.input_4=I+don%26%23039%3Bt+have+much+experience+with+Karate+%3A+Judo+%2Cetc+but+I+wrestled+for+4+years+%26amp%3B+qualified+for+state+2x+%26amp%3B+was+ranked+number+one+in+the+County+for+my+weigh+class+my+Senior+year.+I+do+have+some+experience+in+Greco+Freestyle.+%0D%0A%0D%0A, POST.state_1=WyJbXSIsIjBiNTRhMDk1NTRmNTA2MTNiYmJmYzU0M2EyZTIyYjk4Il0%3D,

Request URI: /contact/
Origin: 50.63.97.1

On the backend it looks like this:
POST.input_4
I don’t have much experience with Karate : Judo ,etc but I wrestled for 4 years & qualified for state 2x & was ranked number one in the County for my weigh class my Senior year. I do have some experience in Greco Freestyle.
Impact/Total: 7 / 68

This is potentially a big problem for me if people cannot use our forms to communicate with us because that is where we get our business from. Would you be able to go into the site’s backend and take a look to see if there’s any specific reason this is happening?
Any help would be greatly appreciated. Thanks.

– Chris