diff --git a/CHANGES b/CHANGES
index 128d38a00b..7303686c55 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,4 +1,9 @@
 
+2.6-beta2-3 | 2018-09-19 15:21:00 -0500
+
+  * Add HTTP::sqli_policy hook to ignore counting a request as a SQL injection
+    (Justin Azoff)
+
 2.6-beta2 | 2018-09-18 16:52:34 -0500
 
   * Release 2.6-beta2
diff --git a/NEWS b/NEWS
index 6c513e9d26..a9360d2eec 100644
--- a/NEWS
+++ b/NEWS
@@ -280,6 +280,9 @@ New Functionality
 - HTTP now recognizes and skips upgraded/websocket connections.  A new event,
   "http_connection_upgrade", is raised in such cases.
 
+- A new hook, HTTP::sqli_policy, may be used to whitelist requests that
+  could otherwise be counted as SQL injection attempts.
+
 - Added a MOUNT3 protocol parser
 
   - This is not enabled by default (no ports are registered and no
diff --git a/VERSION b/VERSION
index 447b6241b5..6da25a8a6b 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-2.6-beta2
+2.6-beta2-3
diff --git a/scripts/policy/protocols/http/detect-sqli.bro b/scripts/policy/protocols/http/detect-sqli.bro
index 5d1b3b6b8c..01c98ba0d7 100644
--- a/scripts/policy/protocols/http/detect-sqli.bro
+++ b/scripts/policy/protocols/http/detect-sqli.bro
@@ -52,6 +52,11 @@ export {
 		| /[\?&][^[:blank:]\x00-\x37\|]+?=([[:blank:]\x00-\x37]|\/\*.*?\*\/)*['"]([[:blank:]\x00-\x37]|\/\*.*?\*\/|;)*([xX]?[oO][rR]|[nN]?[aA][nN][dD]|[hH][aA][vV][iI][nN][gG]|[uU][nN][iI][oO][nN]|[eE][xX][eE][cC]|[sS][eE][lL][eE][cC][tT]|[dD][eE][lL][eE][tT][eE]|[dD][rR][oO][pP]|[dD][eE][cC][lL][aA][rR][eE]|[cC][rR][eE][aA][tT][eE]|[rR][eE][gG][eE][xX][pP]|[iI][nN][sS][eE][rR][tT])([[:blank:]\x00-\x37]|\/\*.*?\*\/|[\[(])+[a-zA-Z&]{2,}/
 		| /[\?&][^[:blank:]\x00-\x37]+?=[^\.]*?([cC][hH][aA][rR]|[aA][sS][cC][iI][iI]|[sS][uU][bB][sS][tT][rR][iI][nN][gG]|[tT][rR][uU][nN][cC][aA][tT][eE]|[vV][eE][rR][sS][iI][oO][nN]|[lL][eE][nN][gG][tT][hH])\(/
 		| /\/\*![[:digit:]]{5}.*?\*\// &redef;
+
+	## A hook that can be used to prevent specific requests from being counted
+	## as an injection attempt.  Use a 'break' statement to exit the hook
+	## early and ignore the request.
+	global HTTP::sqli_policy: hook(c: connection, method: string, unescaped_URI: string);
 }
 
 function format_sqli_samples(samples: vector of SumStats::Observation): string
@@ -109,6 +114,9 @@ event bro_init() &priority=3
 event http_request(c: connection, method: string, original_URI: string,
                    unescaped_URI: string, version: string) &priority=3
 	{
+	if ( ! hook HTTP::sqli_policy(c, method, unescaped_URI) )
+		return;
+
 	if ( match_sql_injection_uri in unescaped_URI )
 		{
 		add c$http$tags[URI_SQLI];