Today I am going to talk about a BBQ Firewall Pro, a plugin to secure your WordPress sites by blocking referrers, query strings, user agents, URI Paths and IP addresses
BBQ Firewall is available for free in the WordPress repository as a plug and play plugin.
BBQ Firewall Pro brings you option to create and customize a Firewall so you can protect your WordPress better.
Table of Contents
Why Did I Buy BBQ Firewall Pro?
I didn’t want to buy BBQ Firewall Pro because I felt that CloudFlare Firewall Rules do a better job.
The problem with Firewall Rules is that they are limited to 5 if you are CloudFlare Free plan user.
BBQ Firewall Pro is only $20 and you get lifetime updates so you don’t have to worry about one more subscription.
I didn’t think much about those $20 because Jeff Starr, the creator of the plugin has made great contributions in the WordPress security niche with his plugins and the knowledge that he shares.
His blog helped me a lot to create my custom CloudFlare Firewall
I bought BBQ Firewall Pro because it could help me deal with a bunch of sh*tty referrers I am dealing with lately.
The plugin did what it promises but the referrer part didn’t help block those referrers because I am using Ezoic caching.
Ezoic can make things difficult sometimes.
So at the end, I didn’t use BBQ Firewall Pro to help me with the problem I am trying to solve.
That doesn’t mean the plugin doesn’t deliver what it promises.
BBQ Firewall Pro: Custom Firewall
I think that BBQ Firewall by default can secure your WordPress until a certain point.
If I Interpret what I have been reading in Jeff’s blogs, BBQ Firewall blocks certain query strings, user agents and requests that could be a focus of problems for most WordPress users out there.
The firewall by default has been created by the problems that Jeff has dealt with in the past.
The magic from this plugin comes from the fact that you can build a custom firewall on top of what Jeff already built
This is what the custom tab of the plugin look like:
You can add as many patterns as you want to secure your WordPress site even more.
This could also be the problem for many wordpress users, they don’t know what else to add there.
If you don’t know what to add there, you have to make a choice between these three:
- Learn more about what hackers and bots are looking for
- Stick to the free version of the plugin
- Use a different plugin to handle WordPress security
Having said that, you don’t need to turn into a WordPress security expert overnight, you can monitor your site 404 errors and try to find those patterns that you need to build your custom Firewall.
Honest WordPress Security
I know that creating a custom firewall can be a difficult thing to do if you don’t know the basics.
That’s why some try to sell you $100 subscriptions to protect your WordPress.
I value that BBQ Firewall Pro lets you create custom Firewall. Sometimes you just need to block a certain pattern and you can sleep better at night.
- I block my login pages using CloudFlare Firewalls rules so I don’t have to worry about brute force attacks and the many security measures available to counter those attacks
- You can do the same with .php files. No visitor has to check those so if you are trying to check that, you are gonna get blocked.
I understand that some people don’t wanna deal with that and that’s fine but BBQ Firewall helps you deal with that in a non-expensive way.
More about WordPress Security
These are some posts about WordPress Security that you might be interested in