BBQ Pro – Custom Pattern Examples

Spring Sale! Save 30% on any pro plugin w/ code: PLANET24

WP6.5

BBQ Pro – Custom Pattern Examples

Posted by Jeff Starr Category: BBQ Pro, Tuts Updated: August 1st, 2021

In this tutorial, we’ll walk through some examples showing how to block spam and other bad requests by adding custom patterns. These examples are taken from real life questions sent in by BBQ Pro users. So grab your favorite beverage and follow along!

Example 1

A user was getting hammered by requests that look like this:

http://example.com/?s=%AE%98%E7%BD%91+Q82019309.com.com
http://example.com/?s=%90%E5%B9%B3%E5%8F%B08+Q82019309.com.com
http://example.com/?s=%95%E9%B1%BC%E6%B8%B8%E6%88%8F+Q82019309.com.com
http://example.com/?s=%E5%A4%A7%E5%A5%96%E5%A8%B1%E4%B9%90%E5%AE%98%E7%BD%91+Q82019309.com.com

To stop this kind of nonsense, we determine the most unique common factor shared by these requests. Immediately we notice that they all include the string .com.com, which is a perfect candidate because it’s not something that is normally included in URLs. So to block:

Enable Custom Patterns via BBQ Pro Settings
Visit Firewall ▸ Custom ▸ Query String
Click “Add Pattern” and enter .com.com
Save changes and done.

After completing these steps, all requests that include .com.com in the query string will be blocked.

Example 2

Next, we have a case where a site was getting hit with tons of requests like this:

http://example.com/iyob4x/10-sal-ki-bina-baal.html
http://example.com/iyob4x/10-sal-ki-bina-baal-vali.html
http://example.com/iyob4x/10-sal-ki-bina-baal-vali-ladki.html

Notice the most unique common factor? Yep, it’s iyob4x, which enables us to block all future requests quite easily. Here are the steps:

Enable Custom Patterns via BBQ Pro Settings
Visit Firewall ▸ Custom ▸ Query String
Click “Add Pattern” and enter iyob4x
Save changes and done.

After completing these steps, all requests that include iyob4x in the main request URI will be blocked.

Note: I’ll be updating this post with more examples as they become available. It’s a work in progress ;)

Customize the server response

By default, BBQ Pro returns a default response of “403 – Forbidden”, which is suitable for illicit requests for non-existent resources. But you can change the response code to whatever you would like, via the plugin setting, “Status Code”. For more information, check out this tutorial, or click the “Help” tab in the upper-right corner of the settings screen.

« BBQ Pro – 6G Firewall FAQs

BBQ Pro – Block Range of IP Addresses »

Quality plugins since 2005.

Quality plugins since 2005.
Over 1 million happy users.
Top-rated customer support.

Plugin Planet