One of the benefits of BBQ Pro over the free version, is that all of the firewall patterns are easily enabled or disabled via the plugin settings. So any pattern that is causing an issue can be disabled with a couple of clicks. This makes it possible to resolve any false positive blocking that may be happening on your WordPress-powered site.
Before you begin..
To prepare for testing, make sure that the only active plugin is BBQ Pro. If you are unable to deactivate all other plugins, best advice is to set up a local/private test site. Either way, once BBQ Pro is the only active plugin on your site, visit the BBQ settings and disable the following options:
- Basic Rules
- Advanced Rules
- Custom Rules
- Logged-in Users
- Limit Requests
- Empty Agents
- Strict Mode
Remember to save the changes.
Next, remove your IP address (the one from which you will be doing the testing) from the setting, “Whitelist IPs”.
The above configuration will give you a clean slate for testing BBQ and resolving false positives.
How to diagnose a false positive
The easiest way for non-tech folks to troubleshoot and resolve false positives is to follow these steps. This is just basic troubleshooting spelled out specifically for BBQ Pro. Let’s say that we have some page that is not working when BBQ Pro is active. Here are the steps to figure out which firewall pattern is interfering:
- Deactivate the plugin and retest the non-working/blocked page
- If the problem persists when the plugin is deactivated, then stop; the issue is not with BBQ Pro
- OR if the page starts working when BBQ is deactivated, then proceed to the next step
- Visit the BBQ settings and disable all firewall rules except for “Basic Rules”
- Retest the non-working/blocked page
- If the page now is working, then the issue is with one of the disabled BBQ settings
- Otherwise if the page still is not working, then return to BBQ settings and go to the next step
- At this point, we know the issue is with the Basic BBQ patterns. So now disable say half of the patterns and retest the non-working page. Wash, rinse, repeat. This is known as the halving method.
Repeat these steps for each of the BBQ firewall rulesets:
- Basic Rules
- Advanced Rules
- Custom Rules
The “halving” process basically is just trial and error until the offending pattern is found. Start with only the Basic rules active and then “half” them until the non-working/blocked page starts working again. Or if the page is working when Basic rules are enabled, then enable the next ruleset (Advanced Rules) and repeat the process. At some point you will know exactly which pattern is at fault.
How to resolve a false positive
Once we know which pattern is responsible for the non-working/blocked page (false positive), it is easy to resolve the issue by simply disabling it. For example, if the offending pattern is curl(
, then uncheck the box next to the curl(
pattern. Save changes and done.