How to Setup BBQ: Block Bad Queries on WordPress Updated on March 15, 2023 by InMotion Hosting Contributor 1 Minutes, 34 Seconds to Read BBQ: Block Bad Queries is a small WordPress security plugin that does one thing: block malicious requests. The plug-and-play plugin fights SQL injections, file execution attempts, and more. For example, BBQ scans URL requests for queries searching for executable .exe files, archived .tar compression packages, hidden files with sensitive information, and bash commands such as makefile. BBQ does this without modifying your .htaccess file, database tables, or production workflow in any way. It simply scans URL requests and blocks them when matching patterns are found. Note: BBQ is designed and expected to work alongside other major WordPress security plugins. We recommend WP Cerber Security or Wordfence Security. Below we’ll enable BBQ: Block Bad Queries. Set Up BBQ: Block Bad Queries This is a plug-and-play plugin. You can easily install the plugin manually or via WP-CLI (plugin name block-bad-queries). Below we’ll use the WordPress dashboard. Log in to WordPress. Install the BBQ: Block Bad Queries plugin. Activate the plugin. That’s it! Click Settings under Block Bad Queries (BBQ) for a link to its respective WordPress.org page, BBQ Version, and link to the Pro version. You can also view this page under the Settings section on the left. The Pro version includes more features such as redirect URLs, URL request statistics, and more. If your security scanner – e.g. ClamAV or Sucuri – reports malware while BBQ is installed, it may have simply found BBQ’s blacklist. Please contact our 24/7 Technical Support for further assistance. Are you learning more about WordPress security? Read more about WordPress and general web security with the following articles: 10 Ways to Secure WordPress with plugins, best security practices, and other configurations Check out Sucuri web application firewall (WAF) for improved security and performance VPS Hosting offers server-level security features via WebHost Manager (WHM) unavailable to Business Hosting customers: cPHulk Brute Force Login Protection ClamAV cPanel Account Scanner And more Share this Article InMotion Hosting Contributor Content Writer InMotion Hosting contributors are highly knowledgeable individuals who create relevant content on new trends and troubleshooting techniques to help you achieve your online goals! More Articles by InMotion Hosting Related Articles How to Create an Admin Account in WordPress via MySQL Create a Footer for WordPress How to Create a Gallery in WordPress without a Plugin How to Disable the WP-Cron (wp-cron.php) in WordPress How to Change Your Site URL in Your WordPress Admin Dashboard W3 Total Cache – Guide to WordPress Caching WordPress – Changing the Site URL and Home Settings How to Globally Change the Font in WordPress How to Install WordPress using Softaculous Cleaning Up Old Post Metadata in WordPress
