Plugin / BBQ: Block Bad Queries

Jeff Starr
Download from WordPress

Frequently Asked Questions (FAQ)

I recently recorded a video tutorial series for Lynda.com on how to secure WordPress sites. That’s a good place to learn more about the best techniques and WP plugins for protecting your site against threats.
Nope, just install and relax knowing that BBQ is protecting your site from bad URL requests.
No settings needed for BBQ! Everything is done automatically behind the scenes. Zero configuration required. The free version of BBQ is strictly plug-n-play, set-it-and-forget-it, with no settings to configure whatsoever. Just install, activate, and enjoy better security and robust protection against malicious requests. The Pro version of BBQ is just as fast and simple to use, but is much more powerful and includes robust settings to customize and fine-tune your firewall.
Yes BBQ free and BBQ Pro are both compatible with any plugin written according to the WP API. And yes, there is benefit to using BBQ with any other security plugin, including Wordfence. They protect against different threats, so using both means you are extra secure.
Absolutely not. Unlike other security/firewall plugins, neither BBQ (free version) nor BBQ Pro make any changes to any .htaccess file.
No, the free version of BBQ operates as each page is loaded; it does not make any changes whatsoever to the WP database.
Yes, BBQ scans any arrays that are included in the URI request. If any matching patterns are found, the request is blocked.
For example, if your PHP/plugin scanner reports something like, “found 0x3c62723e which is bad.” Normally you would not want to find such bad strings of code, but there is an exception for security plugins. Think about it: in order to block some nasty string, BBQ must know about it. So each bad string that is blocked by BBQ is included in the plugin “blacklist”. That means, when some PHP scanner looks at BBQ and finds some known bad strings, it just means that the scanner has discovered BBQ’s list of blocked terms. In other words, BBQ contains static strings of non-functional text, in order to match and block malicious requests to your site. I hope this makes sense, feel free to contact me if I may provide any further infos.
Nope! BBQ is available in the following flavors: BBQ Free – WordPress Plugin BBQ Pro – WordPress Plugin BBQ Standalone PHP Script So you can check out the Standalone PHP Script for sites that are not running WordPress.
Full question: “Except most of the rules overlapping, is it counter productive (site slowing down for example, potential conflicts, bugs) or is there any risks using 6G/7G Firewall + BBQ at the same time?” Answer: It’s fine to run both BBQ and 6G/7G Firewall at the same time. Both firewalls are super fast, so they won’t slow things down. In other words the two firewalls play well together. The only downside is that some of the rules will be redundant, but there should be no negative impact on performance. The upside is that you get extra protection when using both, as there are variations in the firewall rules and patterns, etc.
Yes, check out Blackhole for Bad Bots to protect your site against bad bots. I also have a video course on WordPress security, for more plugin recommendations and lots of tips and tricks.
Send any questions or feedback via my contact form.

Ratings

5
75 reviews

Rating breakdown

Details Information

Version

20191109

First Released

05 Mar, 2010

Total Downloads

1,068,322

Wordpress Version

4.1 or higher

Tested up to:

5.3

Require PHP Version:

5.6.20 or higher

Tags

firewall hack malicious protect security

Contributors

Jeff Starr Aldo WP Blog Host Julio Potier lernerconsulting

Languages

Croatian English (US) French (France) German Italian Russian Slovak Spanish (Spain)

DIRECTORY DISCLAIMER

The information provided in this THEME/PLUGIN DIRECTORY is made available for information purposes only, and intended to serve as a resource to enable visitors to select a relevant theme or plugin. wpSocket gives no warranty of any kind, express or implied with regard to the information, including without limitation any warranty that the particular theme or plugin that you select is qualified on your situation.

The information in the individual theme or plugin displayed in the Directory is provided by the owners and contributors themselves. wpSocket gives no warranty as to the accuracy of the information and will not be liable to you for any loss or damage suffered by you as a consequence of your reliance on the information.

Links to respective sites are offered to assist in accessing additional information. The links may be outdated or broken. Connect to outside sites at your own risk. The Theme/Plugin Directory does not endorse the content or accuracy of any listing or external website.

While information is made available, no guarantee is given that the details provided are correct, complete or up-to-date.

wpSocket is not related to the theme or plugin, and also not responsible and expressly disclaims all liability for, damages of any kind, arising out of the use, reference to, or reliance on, any information or business listed throughout our site.

Keep Leading Your Followers!
Share it for them.