“FAQ” post for Frequently Asked (and presales) Questions about BBQ Pro.
Also check out Reasons to Get BBQ Pro »
Do I need to do anything else for BBQ to work?
Nope, just install and relax knowing that BBQ is protecting your site from bad URL requests.
Do I need any coding skills to use BBQ Pro?
As with the free version of the plugin, everything is plug-n-play with no configuration required. Once you activate the plugin and license, BBQ protection is enabled. So you can just “set it and forget it”, or visit the BBQ Pro admin to customize settings and patterns exactly as desired.
Can I upgrade my license after purchase?
Yes that can be done anytime after purchase. The price will be the difference between the two licenses. To upgrade, send us an email with your username, current license, and desired license.
Does BBQ Pro work with WP Multisite?
Yes, BBQ Pro works with multisite! The license count is per site, however, not per network. So you would want to pick the license that supports however many sites are required.
What other security plugins do you recommend?
I recently recorded a video tutorial series for Lynda.com on how to secure WordPress sites. That’s a good place to learn more about the best techniques and WP plugins for protecting your site against threats.
How do I customize the default plugin settings?
Visit the Settings screen. Click the “Help” tab in the upper-right corner at any time for complete documentation.
How do I customize the default patterns that are used by BBQ to block bad requests?
Visit the Patterns screen. Click the “Help” tab in the upper-right corner at any time for complete documentation.
Does BBQ Pro affect/use .htaccess?
No, BBQ Pro does not modify any files whatsoever. It definitely does not do anything to/with .htaccess. BBQ Pro does not affect, use, or have anything to do with any .htaccess file, anywhere.
Can I use BBQ Pro and WordFence Firewall together at the same time?
Yes absolutely, many people use both plugins. The plugins focus on different aspects of security, and the firewalls are blocking different things, so yes it’s fine to use both together on any WordPress site.
Can we disable the plugin called “SpamReferrerBlock” if we are running BBQ Pro?
Yes, basically the plugins are aimed at two different things:
- SpamReferrerBlock block referrer spam only
- BBQ Pro blocks all types of bad requests, not just referrer traffic
So yes you can disable the other plugin when you are running BBQ Pro. Then if you notice any weird/unwanted requests making it through, you can easily block them.
How can I log blocked requests?
Out of the box, BBQ Pro provides basic statistics, so you can tell which patterns are most effective and fine-tune your firewall. To go further, you can log blocked requests by installing a free plugin.
Can I block user-enumeration scans with BBQ Pro?
Yes, quite easily. Just follow this tutorial.
Does BBQ block malicious strings included in arrays?
Yes, BBQ Pro scans any arrays that are included in the URI request. If any matching patterns are found, the request is blocked.
Does BBQ scan for *existing* hacks and exploits?
BBQ Pro detects bad requests for non-existent resources; it assumes that, if a resource exists, then any request for it is legit. If you need to protect an existing resource against access, there are plenty of methods available (e.g., password-protection). Or, if you want to scan your site for existing payloads, try a virus scanner.
Which is faster, BBQ Pro or 5G/6G via .htaccess?
There is no significant performance difference between using 5G/6G and BBQ Pro. There is a theoretical difference because Apache handles requests at the server layer, but for most cases the measurable difference is negligible. BBQ Pro is super fast and specifically focused on performance. Of course, there are many other factors that may come into play, but strictly comparing 5G/6G and BBQ Pro, they’re pretty much equally fast.
Do I need to install 6G Firewall/Blacklist if I am using BBQ Pro?
Security is not an all-or-nothing type of deal; instead, it’s all about adding layers of protection to your site. That said, the 6G firewall is another strong layer of protection, but is not required if you are running BBQ Pro. For more information, check out the 6G FAQs.
Is it possible to block user agents with wildcards like “*.ru”?
Yes, you can simply add
.ru to block all referrers that contain those characters. No need to add any wildcard characters (the strings are treated as literal but matched anywhere in the referrer).
Is it safe to block “127.0.0.1”?
Yes, that string is blocked by default under BBQ Pro’s Basic Patterns. The string refers to the loopback/localhost IP address, and is used by bad guys in a variety of attacks. The only time you would need to disable the pattern would be if you get blocked while working locally. You can always re-enable the pattern once your site goes live.
Could you tell me the difference between BBQ Pro and Jetpack Protect?
They secure different aspects of your site. Specifically, Jetpack Protect focuses on login protection (brute force attacks), while BBQ Pro provides strong firewall security, which helps protect against malicious attacks in general. So running both plugins is 100% fine to give you strong firewall protection (BBQ) and solid brute-force protection (Jetpack).
Where can I find more information about BBQ Pro?
Check out the Help tab (upper-right corner) on any of the plugin screens for complete documentation.
Also check out the following resources:
Additionally, tutorials for BBQ Pro will be posted in the Tuts category.
Do you offer any other security plugins?
Yes, check out Blackhole Pro for advanced protection against bad bots, and Banhammer Pro to keep an eye on traffic. I also have a video course on WordPress security, which provides more plugin recommendations and tons of tips and tricks.