In this tutorial, we’ll walk through some examples showing how to block spam and other bad requests by adding custom patterns. These examples are taken from real-life questions sent in by BBQ Pro users. So grab your favorite beverage and follow along!

Example 1

A user was getting hammered by requests that look like this:

http://example.com/?s=%AE%98%E7%BD%91+Q82019309.com.com
http://example.com/?s=%90%E5%B9%B3%E5%8F%B08+Q82019309.com.com
http://example.com/?s=%95%E9%B1%BC%E6%B8%B8%E6%88%8F+Q82019309.com.com
http://example.com/?s=%E5%A4%A7%E5%A5%96%E5%A8%B1%E4%B9%90%E5%AE%98%E7%BD%91+Q82019309.com.com

To stop this kind of nonsense, we look for the most distinctive string that all of these requests have in common. Immediately we notice that they all include the string .com.com, which is a perfect candidate because it’s not something that normally appears in URLs. So to block:

  1. Enable Custom Patterns via BBQ Pro Settings
  2. Visit Firewall ▸ Custom ▸ Query String
  3. Click “Add Pattern” and enter .com.com
  4. Save changes and done.

After completing these steps, all requests that include .com.com in the query string will be blocked.

Example 2

Next, we have a case where a site was getting hit with tons of requests like this:

http://example.com/iyob4x/10-sal-ki-bina-baal.html
http://example.com/iyob4x/10-sal-ki-bina-baal-vali.html
http://example.com/iyob4x/10-sal-ki-bina-baal-vali-ladki.html

Notice the most distinctive string that these requests share? Yep, it’s iyob4x, which enables us to block all future requests quite easily. Here are the steps:

  1. Enable Custom Patterns via BBQ Pro Settings
  2. Visit Firewall ▸ Custom ▸ Query String
  3. Click “Add Pattern” and enter iyob4x
  4. Save changes and done.

After completing these steps, all requests that include iyob4x in the main request URI will be blocked.
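
A quick way to vet a candidate pattern before saving it, shown as an added example that is not part of BBQ Pro or the original tutorial: it checks that the pattern catches every sample spam request and no legitimate one. The literal, case-insensitive substring match, the helper names, and the legitimate URLs are assumptions made for illustration; "uri" is modelled as path plus query string and "query" as the query string alone.

```python
from urllib.parse import urlsplit

# Requests quoted in Examples 1 and 2 above.
SPAM_QUERY = [
    "http://example.com/?s=%AE%98%E7%BD%91+Q82019309.com.com",
    "http://example.com/?s=%90%E5%B9%B3%E5%8F%B08+Q82019309.com.com",
    "http://example.com/?s=%95%E9%B1%BC%E6%B8%B8%E6%88%8F+Q82019309.com.com",
    "http://example.com/?s=%E5%A4%A7%E5%A5%96%E5%A8%B1%E4%B9%90%E5%AE%98%E7%BD%91+Q82019309.com.com",
]
SPAM_URI = [
    "http://example.com/iyob4x/10-sal-ki-bina-baal.html",
    "http://example.com/iyob4x/10-sal-ki-bina-baal-vali.html",
    "http://example.com/iyob4x/10-sal-ki-bina-baal-vali-ladki.html",
]
# Constructed legitimate requests, used only to look for false positives.
LEGIT = [
    "http://example.com/?s=example.com+review",
    "http://example.com/blog/welcome.html",
    "http://example.com/shop/?page=2",
]

def field(url, target):
    """Return the raw (still percent-encoded) part of the request to test."""
    parts = urlsplit(url)
    if target == "query":
        return parts.query
    if target == "uri":
        return parts.path + ("?" + parts.query if parts.query else "")
    raise ValueError(f"unknown target: {target}")

def is_blocked(url, pattern, target):
    # Assumption: patterns are literal, case-insensitive substrings.
    return pattern.lower() in field(url, target).lower()

def evaluate(pattern, target, spam, legit):
    """Return (spam requests missed, legitimate requests blocked)."""
    missed = [u for u in spam if not is_blocked(u, pattern, target)]
    false_pos = [u for u in legit if is_blocked(u, pattern, target)]
    return missed, false_pos

if __name__ == "__main__":
    for pattern, target, spam in [
        (".com.com", "query", SPAM_QUERY),  # specific: no false positives
        (".com", "query", SPAM_QUERY),      # too broad: hits a real search
        ("iyob4x", "uri", SPAM_URI),        # path segment, found in the URI
        ("iyob4x", "query", SPAM_URI),      # not present in the query string
    ]:
        missed, false_pos = evaluate(pattern, target, spam, LEGIT)
        print(f"{pattern!r} on {target}: missed={len(missed)} false_pos={false_pos}")
```

Replace the constructed LEGIT list with request lines from your own access log to get a realistic false-positive check.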

Note: I’ll be updating this post with more examples as they become available. It’s a work in progress ;)

Customize the server response

By default, BBQ Pro returns a response of “403 – Forbidden”, which is suitable for illicit requests for non-existent resources. But you can change the response code to whatever you would like via the plugin setting “Status Code”. For more information, check out this tutorial, or click the “Help” tab in the upper-right corner of the settings screen.