BBQ: Block Bad Queries - Version 20170322

Version Description

To upgrade BBQ, remove old version and replace with new version. Or just click "Update" from the Plugins screen and let WordPress do it for you automatically. Nothing else needs done.

Download this release

Release Info

Developer specialk
Plugin Icon 128x128 BBQ: Block Bad Queries
Version 20170322
Comparing to
See all releases

Version 20170322

assets/admin-styles.css ADDED
@@ -0,0 +1,11 @@
1
+ /* Block Bad Queries - Admin CSS */
2
+
3
+ .wp-admin h1 {
4
+ margin: 0 0 8px 0; padding: 8px 0 8px 55px; text-shadow: 1px 1px 1px rgba(255,255,255,0.5);
5
+ background-image: url(bbq-icon-88x88.png); background-repeat: no-repeat; background-position: left center; background-size: 44px 44px;
6
+ }
7
+ .wp-admin .bbq-pro { margin: 25px 0; }
8
+ .wp-admin .bbq-pro a { box-shadow: 0 20px 25px -20px rgba(0,0,0,0.7); }
9
+ .wp-admin .bbq-pro a,
10
+ .wp-admin .bbq-pro a:hover,
11
+ .wp-admin .bbq-pro a img { display: block; width: 480px; height: 125px; margin: 0; padding: 0; border: 0; text-decoration: none; }
assets/bbq-icon-88x88.png ADDED
Binary file
assets/bbq-pro-960x250.jpg ADDED
Binary file
bbq-settings.php ADDED
@@ -0,0 +1,167 @@
1
+ <?php // Block Bad Queries - Settings
2
+
3
+ if (!defined('ABSPATH')) exit;
4
+
5
+ function bbq_languages() {
6
+
7
+ load_plugin_textdomain('block-bad-queries', false, BBQ_DIR .'languages/');
8
+
9
+ }
10
+ add_action('plugins_loaded', 'bbq_languages');
11
+
12
+ function bbq_options() {
13
+
14
+ $bbq_options = array(
15
+
16
+ 'version' => BBQ_VERSION,
17
+
18
+ );
19
+
20
+ return $bbq_options;
21
+ }
22
+
23
+ function bbq_register_settings() {
24
+
25
+ // register_setting( $option_group, $option_name, $sanitize_callback );
26
+ register_setting('bbq_options_free', 'bbq_options_free', 'bbq_validate_options');
27
+
28
+ // add_settings_section( $id, $title, $callback, $page );
29
+ add_settings_section('general', esc_html__('Plugin Information', 'block-bad-queries'), 'bbq_settings_section_general', 'bbq_options_free');
30
+
31
+ // add_settings_field( $id, $title, $callback, $page, $section, $args );
32
+ add_settings_field('version', esc_html__('BBQ Version', 'block-bad-queries'), 'bbq_callback_version', 'bbq_options_free', 'general', array('id' => 'version', 'label' => ''));
33
+
34
+ add_settings_section('upgrade', esc_html__('Upgrade to BBQ Pro', 'block-bad-queries'), 'bbq_settings_section_upgrade', 'bbq_options_free');
35
+
36
+ }
37
+ add_action('admin_init', 'bbq_register_settings');
38
+
39
+ function bbq_validate_options($input) {
40
+
41
+ if (!isset($input['version'])) $input['version'] = null;
42
+
43
+ return $input;
44
+
45
+ }
46
+
47
+ function bbq_settings_section_general() {
48
+
49
+ echo '<p>'. esc_html__('Thanks for using the free version of ', 'block-bad-queries');
50
+ echo '<a target="_blank" href="https://wordpress.org/plugins/block-bad-queries/">'. esc_html__('Block Bad Queries (BBQ)', 'block-bad-queries') .'</a>.</p>';
51
+ echo '<p>'. esc_html__('The free version is completely plug-&amp;-play, protecting your site automatically with no settings required.', 'block-bad-queries') .'</p>';
52
+
53
+ }
54
+
55
+ function bbq_settings_section_upgrade() {
56
+
57
+ $url = esc_url('https://plugin-planet.com/bbq-pro/');
58
+ $text = esc_html__('Upgrade your site security with advanced protection and complete control. ', 'block-bad-queries');
59
+ $alt = esc_attr__('BBQ Pro: Advanced WordPress Firewall', 'block-bad-queries');
60
+ $src = esc_url(BBQ_URL .'assets/bbq-pro-960x250.jpg');
61
+
62
+ $upgrade = '<p>';
63
+ $upgrade .= $text;
64
+ $upgrade .= '<a target="_blank" href="'. $url .'">'. esc_html__('Get BBQ Pro &raquo;', 'block-bad-queries') .'</a>';
65
+ $upgrade .= '</p>';
66
+
67
+ $upgrade .= '<p class="bbq-pro">';
68
+ $upgrade .= '<a target="_blank" href="'. $url .'" title="'. $text .'"><img src="'. $src .'" width="480" height="125" alt="'. $alt .'"></a>';
69
+ $upgrade .= '</p>';
70
+
71
+ echo $upgrade;
72
+
73
+ }
74
+
75
+ function bbq_callback_version($args) {
76
+
77
+ $bbq_options = get_option('bbq_options_free', bbq_options());
78
+
79
+ $id = isset($args['id']) ? $args['id'] : '';
80
+ $label = isset($args['label']) ? $args['label'] : '';
81
+ $version = isset($bbq_options[$id]) ? esc_html($bbq_options[$id]) : BBQ_VERSION;
82
+
83
+ echo $version;
84
+
85
+ }
86
+
87
+ function bbq_action_links($links, $file) {
88
+
89
+ if ($file == BBQ_FILE) {
90
+
91
+ $settings_url = admin_url('options-general.php?page=bbq_settings');
92
+ $settings_title = esc_attr__('Visit the BBQ plugin page', 'block-bad-queries');
93
+ $settings_text = esc_html__('Settings', 'block-bad-queries');
94
+
95
+ $settings_link = '<a href="'. $settings_url .'" title="'. $settings_title .'">'. $settings_text .'</a>';
96
+
97
+ $pro_url = esc_url('https://plugin-planet.com/bbq-pro/');
98
+ $pro_title = esc_attr__('Get BBQ Pro for advanced protection', 'block-bad-queries');
99
+ $pro_text = esc_html__('Go&nbsp;Pro', 'block-bad-queries');
100
+ $pro_style = esc_attr('font-weight:bold;');
101
+
102
+ $pro_link = '<a target="_blank" href="'. $pro_url .'" title="'. $pro_title .'" style="'. $pro_style .'">'. $pro_text .'</a>';
103
+
104
+ array_unshift($links, $pro_link, $settings_link);
105
+
106
+ }
107
+
108
+ return $links;
109
+
110
+ }
111
+ add_filter('plugin_action_links', 'bbq_action_links', 10, 2);
112
+
113
+ function bbq_meta_links($links, $file) {
114
+
115
+ if ($file == BBQ_FILE) {
116
+
117
+ $rate_url = esc_url('https://wordpress.org/support/plugin/block-bad-queries/reviews/?rate=5#new-post');
118
+ $rate_title = esc_attr__('Click here to rate and review this plugin at WordPress.org', 'block-bad-queries');
119
+ $rate_text = esc_html__('Rate this plugin&nbsp;&raquo;', 'block-bad-queries');
120
+
121
+ $links[] = '<a target="_blank" href="'. $rate_url .'" title="'. $rate_title .'">'. $rate_text .'</a>';
122
+
123
+ }
124
+
125
+ return $links;
126
+
127
+ }
128
+ add_filter('plugin_row_meta', 'bbq_meta_links', 10, 2);
129
+
130
+ function bbq_menu_page() {
131
+
132
+ $title = esc_html__('Block Bad Queries', 'block-bad-queries');
133
+
134
+ // add_options_page( $page_title, $menu_title, $capability, $menu_slug, $function);
135
+ add_options_page($title, $title, 'manage_options', 'bbq_settings', 'bbq_display_settings');
136
+
137
+ }
138
+ add_action('admin_menu', 'bbq_menu_page');
139
+
140
+ function bbq_display_settings() { ?>
141
+
142
+ <div class="wrap">
143
+ <h1><?php esc_html_e('Block Bad Queries', 'block-bad-queries'); ?></h1>
144
+ <form method="post" action="options.php">
145
+ <?php
146
+ settings_fields('bbq_options_free');
147
+ do_settings_sections('bbq_options_free');
148
+ // submit_button();
149
+ ?>
150
+ </form>
151
+ </div>
152
+
153
+ <?php }
154
+
155
+ function bbq_enqueue_resources_admin() {
156
+
157
+ $screen = get_current_screen();
158
+
159
+ if ($screen->id === 'settings_page_bbq_settings') {
160
+
161
+ // wp_enqueue_style ( $handle, $src, $deps, $ver, $media )
162
+ wp_enqueue_style('bbq_admin', BBQ_URL .'assets/admin-styles.css');
163
+
164
+ }
165
+
166
+ }
167
+ add_action('admin_enqueue_scripts', 'bbq_enqueue_resources_admin');
block-bad-queries.php ADDED
@@ -0,0 +1,87 @@
1
+ <?php
2
+ /*
3
+ Plugin Name: Block Bad Queries (BBQ)
4
+ Plugin URI: https://perishablepress.com/block-bad-queries/
5
+ Description: BBQ is a super fast firewall that automatically protects WordPress against malicious URL requests.
6
+ Tags: firewall, security, protect, lockdown, blacklist, hack, eval, http, malicious, query, request, secure, spam, whitelist
7
+ Usage: No configuration necessary. Upload, activate and done. BBQ blocks bad queries automically to protect your site against malicious URL requests. For advanced protection check out BBQ Pro.
8
+ Author: Jeff Starr
9
+ Author URI: https://plugin-planet.com/
10
+ Contributors: specialk, aldolat, WpBlogHost, jameswilkes, juliobox, lernerconsult
11
+ Donate link: https://m0n.co/donate
12
+ Requires at least: 4.1
13
+ Tested up to: 4.8
14
+ Stable tag: 20170322
15
+ Version: 20170322
16
+ Text Domain: block-bad-queries
17
+ Domain Path: /languages
18
+ License: GPLv2 or later
19
+ */
20
+
21
+ /*
22
+ This program is free software; you can redistribute it and/or
23
+ modify it under the terms of the GNU General Public License
24
+ as published by the Free Software Foundation; either version 2
25
+ of the License, or (at your option) any later version.
26
+
27
+ This program is distributed in the hope that it will be useful,
28
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
29
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
30
+ GNU General Public License for more details.
31
+
32
+ Get a copy of the GNU General Public License: http://www.gnu.org/licenses/
33
+ */
34
+
35
+ if (!defined('ABSPATH')) die();
36
+
37
+ if (!defined('BBQ_VERSION')) define('BBQ_VERSION', '20170322');
38
+ if (!defined('BBQ_FILE')) define('BBQ_FILE', plugin_basename(__FILE__));
39
+ if (!defined('BBQ_DIR')) define('BBQ_DIR', plugin_dir_path(__FILE__));
40
+ if (!defined('BBQ_URL')) define('BBQ_URL', plugin_dir_url(__FILE__));
41
+
42
+ function bbq_core() {
43
+
44
+ $request_uri_array = apply_filters('request_uri_items', array('eval\(', 'UNION(.*)SELECT', '\(null\)', 'base64_', '\/localhost', '\%2Flocalhost', '\/pingserver', '\/config\.', '\/wwwroot', '\/makefile', 'crossdomain\.', 'proc\/self\/environ', 'etc\/passwd', '\/https\:', '\/http\:', '\/ftp\:', '\/cgi\/', '\.cgi', '\.exe', '\.sql', '\.ini', '\.dll', '\.asp', '\.jsp', '\/\.bash', '\/\.git', '\/\.svn', '\/\.tar', ' ', '\<', '\>', '\/\=', '\.\.\.', '\+\+\+', '\/&&', '\/Nt\.', '\;Nt\.', '\=Nt\.', '\,Nt\.', '\.exec\(', '\)\.html\(', '\{x\.html\(', '\(function\(', '\.php\([0-9]+\)', '(benchmark|sleep)(\s|%20)*\('));
45
+ $query_string_array = apply_filters('query_string_items', array('\.\.\/', '127\.0\.0\.1', 'localhost', 'loopback', '\%0A', '\%0D', '\%00', '\%2e\%2e', 'input_file', 'execute', 'mosconfig', 'path\=\.', 'mod\=\.', 'wp-config\.php'));
46
+ $user_agent_array = apply_filters('user_agent_items', array('acapbot', 'binlar', 'casper', 'cmswor', 'diavol', 'dotbot', 'finder', 'flicky', 'morfeus', 'nutch', 'planet', 'purebot', 'pycurl', 'semalt', 'skygrid', 'snoopy', 'sucker', 'turnit', 'vikspi', 'zmeu'));
47
+
48
+ $request_uri_string = false;
49
+ $query_string_string = false;
50
+ $user_agent_string = false;
51
+
52
+ if (isset($_SERVER['REQUEST_URI']) && !empty($_SERVER['REQUEST_URI'])) $request_uri_string = $_SERVER['REQUEST_URI'];
53
+ if (isset($_SERVER['QUERY_STRING']) && !empty($_SERVER['QUERY_STRING'])) $query_string_string = $_SERVER['QUERY_STRING'];
54
+ if (isset($_SERVER['HTTP_USER_AGENT']) && !empty($_SERVER['HTTP_USER_AGENT'])) $user_agent_string = $_SERVER['HTTP_USER_AGENT'];
55
+
56
+ if ($request_uri_string || $query_string_string || $user_agent_string) {
57
+
58
+ if (
59
+
60
+ // strlen( $_SERVER['REQUEST_URI'] ) > 255 || // optional
61
+
62
+ preg_match('/'. implode('|', $request_uri_array) .'/i', $request_uri_string) ||
63
+ preg_match('/'. implode('|', $query_string_array) .'/i', $query_string_string) ||
64
+ preg_match('/'. implode('|', $user_agent_array) .'/i', $user_agent_string)
65
+
66
+ ) {
67
+
68
+ bbq_response();
69
+
70
+ }
71
+
72
+ }
73
+
74
+ }
75
+ add_action('plugins_loaded', 'bbq_core');
76
+
77
+ function bbq_response() {
78
+
79
+ header('HTTP/1.1 403 Forbidden');
80
+ header('Status: 403 Forbidden');
81
+ header('Connection: Close');
82
+
83
+ exit;
84
+
85
+ }
86
+
87
+ if (is_admin()) require_once BBQ_DIR .'bbq-settings.php';
languages/block-bad-queries-fr_FR.mo ADDED
Binary file
languages/block-bad-queries-fr_FR.po ADDED
@@ -0,0 +1,114 @@
1
+ msgid ""
2
+ msgstr ""
3
+ "Project-Id-Version: Block Bad Queries (BBQ)\n"
4
+ "POT-Creation-Date: 2017-05-04 00:23+0200\n"
5
+ "PO-Revision-Date: 2017-05-04 00:57+0200\n"
6
+ "Last-Translator: Bouzin <info@conceptiweb.com>\n"
7
+ "Language-Team: Bouzin <info@conceptiweb.com>\n"
8
+ "Language: fr_FR\n"
9
+ "MIME-Version: 1.0\n"
10
+ "Content-Type: text/plain; charset=UTF-8\n"
11
+ "Content-Transfer-Encoding: 8bit\n"
12
+ "X-Generator: Poedit 2.0.1\n"
13
+ "X-Poedit-Basepath: ..\n"
14
+ "Plural-Forms: nplurals=2; plural=(n > 1);\n"
15
+ "X-Poedit-Flags-xgettext: --add-comments=translators:\n"
16
+ "X-Poedit-WPHeader: block-bad-queries.php\n"
17
+ "X-Poedit-SourceCharset: UTF-8\n"
18
+ "X-Poedit-KeywordsList: __;_e;_n:1,2;_x:1,2c;_ex:1,2c;_nx:4c,1,2;esc_attr__;"
19
+ "esc_attr_e;esc_attr_x:1,2c;esc_html__;esc_html_e;esc_html_x:1,2c;"
20
+ "_n_noop:1,2;_nx_noop:3c,1,2;__ngettext_noop:1,2\n"
21
+ "X-Poedit-SearchPath-0: .\n"
22
+ "X-Poedit-SearchPathExcluded-0: *.js\n"
23
+
24
+ #: bbq-settings.php:29
25
+ msgid "Plugin Information"
26
+ msgstr "Information sur l'extention"
27
+
28
+ #: bbq-settings.php:32
29
+ msgid "BBQ Version"
30
+ msgstr "Version BBQ"
31
+
32
+ #: bbq-settings.php:34
33
+ msgid "Upgrade to BBQ Pro"
34
+ msgstr "Passer à la version Pro"
35
+
36
+ #: bbq-settings.php:49
37
+ msgid "Thanks for using the free version of "
38
+ msgstr "Merci d’utiliser la version gratuite de "
39
+
40
+ #. Plugin Name of the plugin/theme
41
+ #: bbq-settings.php:50
42
+ msgid "Block Bad Queries (BBQ)"
43
+ msgstr "Block Bad Queries (BBQ)"
44
+
45
+ #: bbq-settings.php:51
46
+ msgid ""
47
+ "The free version is completely plug-&amp;-play, protecting your site "
48
+ "automatically with no settings required."
49
+ msgstr ""
50
+ "La version gratuite est totalement plug-&amp;-play, protégeant votre site "
51
+ "automatiquement sans aucun réglage requis."
52
+
53
+ #: bbq-settings.php:58
54
+ msgid ""
55
+ "Upgrade your site security with advanced protection and complete control. "
56
+ msgstr ""
57
+ "Mise à jour de sécurité de votre site avec une protection avancée et un "
58
+ "contrôle complet. "
59
+
60
+ #: bbq-settings.php:59
61
+ msgid "BBQ Pro: Advanced WordPress Firewall"
62
+ msgstr "BBQ Pro : Firewall de pointe pour WordPress"
63
+
64
+ #: bbq-settings.php:64
65
+ msgid "Get BBQ Pro &raquo;"
66
+ msgstr "Obtenez BBQ Pro &raquo;"
67
+
68
+ #: bbq-settings.php:92
69
+ msgid "Visit the BBQ plugin page"
70
+ msgstr "Visitez la page du plugin BBQ"
71
+
72
+ #: bbq-settings.php:93
73
+ msgid "Settings"
74
+ msgstr "Paramètres"
75
+
76
+ #: bbq-settings.php:98
77
+ msgid "Get BBQ Pro for advanced protection"
78
+ msgstr "Obtenir BBQ Pro pour une protection avancée"
79
+
80
+ #: bbq-settings.php:99
81
+ msgid "Go&nbsp;Pro"
82
+ msgstr "Go&nbsp;Pro"
83
+
84
+ #: bbq-settings.php:118
85
+ msgid "Click here to rate and review this plugin at WordPress.org"
86
+ msgstr "Cliquez ici pour évaluer et noter ce plugin sur WordPress.org"
87
+
88
+ #: bbq-settings.php:119
89
+ msgid "Rate this plugin&nbsp;&raquo;"
90
+ msgstr "Noter ce plugin&nbsp;&raquo;"
91
+
92
+ #: bbq-settings.php:132 bbq-settings.php:143
93
+ msgid "Block Bad Queries"
94
+ msgstr "Block Bad Queries"
95
+
96
+ #. Plugin URI of the plugin/theme
97
+ msgid "https://perishablepress.com/block-bad-queries/"
98
+ msgstr "https://perishablepress.com/block-bad-queries/"
99
+
100
+ #. Description of the plugin/theme
101
+ msgid ""
102
+ "BBQ is a super fast firewall that automatically protects WordPress against "
103
+ "malicious URL requests."
104
+ msgstr ""
105
+ "BBQ est un pare-feu super rapide qui protège automatiquement WordPress "
106
+ "contre les demandes d'URL malveillantes."
107
+
108
+ #. Author of the plugin/theme
109
+ msgid "Jeff Starr"
110
+ msgstr "Jeff Starr"
111
+
112
+ #. Author URI of the plugin/theme
113
+ msgid "https://plugin-planet.com/"
114
+ msgstr "https://plugin-planet.com/"
languages/block-bad-queries.pot ADDED
@@ -0,0 +1,101 @@
1
+ #, fuzzy
2
+ msgid ""
3
+ msgstr ""
4
+ "Project-Id-Version: PACKAGE VERSION\n"
5
+ "Report-Msgid-Bugs-To: \n"
6
+ "POT-Creation-Date: 2017-03-23 00:49+0000\n"
7
+ "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
8
+ "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
9
+ "Language-Team: \n"
10
+ "Language: \n"
11
+ "Plural-Forms: nplurals=INTEGER; plural=EXPRESSION\n"
12
+ "MIME-Version: 1.0\n"
13
+ "Content-Type: text/plain; charset=UTF-8\n"
14
+ "Content-Transfer-Encoding: 8bit\n"
15
+ "X-Generator: Loco - https://localise.biz/"
16
+
17
+ #: bbq-settings.php:29
18
+ msgid "Plugin Information"
19
+ msgstr ""
20
+
21
+ #: bbq-settings.php:32
22
+ msgid "BBQ Version"
23
+ msgstr ""
24
+
25
+ #: bbq-settings.php:34
26
+ msgid "Upgrade to BBQ Pro"
27
+ msgstr ""
28
+
29
+ #: bbq-settings.php:49
30
+ msgid "Thanks for using the free version of "
31
+ msgstr ""
32
+
33
+ #. Name of the plugin
34
+ #: bbq-settings.php:50
35
+ msgid "Block Bad Queries (BBQ)"
36
+ msgstr ""
37
+
38
+ #: bbq-settings.php:51
39
+ msgid ""
40
+ "The free version is completely plug-&amp;-play, protecting your site "
41
+ "automatically with no settings required."
42
+ msgstr ""
43
+
44
+ #: bbq-settings.php:58
45
+ msgid ""
46
+ "Upgrade your site security with advanced protection and complete control. "
47
+ msgstr ""
48
+
49
+ #: bbq-settings.php:59
50
+ msgid "BBQ Pro: Advanced WordPress Firewall"
51
+ msgstr ""
52
+
53
+ #: bbq-settings.php:64
54
+ msgid "Get BBQ Pro &raquo;"
55
+ msgstr ""
56
+
57
+ #: bbq-settings.php:92
58
+ msgid "Visit the BBQ plugin page"
59
+ msgstr ""
60
+
61
+ #: bbq-settings.php:93
62
+ msgid "Settings"
63
+ msgstr ""
64
+
65
+ #: bbq-settings.php:98
66
+ msgid "Get BBQ Pro for advanced protection"
67
+ msgstr ""
68
+
69
+ #: bbq-settings.php:99
70
+ msgid "Go&nbsp;Pro"
71
+ msgstr ""
72
+
73
+ #: bbq-settings.php:118
74
+ msgid "Click here to rate and review this plugin at WordPress.org"
75
+ msgstr ""
76
+
77
+ #: bbq-settings.php:119
78
+ msgid "Rate this plugin&nbsp;&raquo;"
79
+ msgstr ""
80
+
81
+ #: bbq-settings.php:132 bbq-settings.php:143
82
+ msgid "Block Bad Queries"
83
+ msgstr ""
84
+
85
+ #. Description of the plugin
86
+ msgid ""
87
+ "BBQ is a super fast firewall that automatically protects WordPress against "
88
+ "malicious URL requests."
89
+ msgstr ""
90
+
91
+ #. URI of the plugin
92
+ msgid "https://perishablepress.com/block-bad-queries/"
93
+ msgstr ""
94
+
95
+ #. Author of the plugin
96
+ msgid "Jeff Starr"
97
+ msgstr ""
98
+
99
+ #. Author URI of the plugin
100
+ msgid "https://plugin-planet.com/"
101
+ msgstr ""
readme.txt ADDED
@@ -0,0 +1,298 @@
1
+ === BBQ: Block Bad Queries ===
2
+
3
+ Plugin Name: Block Bad Queries (BBQ)
4
+ Plugin URI: https://perishablepress.com/block-bad-queries/
5
+ Description: BBQ is a super fast firewall that automatically protects WordPress against malicious URL requests.
6
+ Tags: firewall, security, protect, lockdown, blacklist, hack, eval, http, malicious, query, request, secure, spam, whitelist
7
+ Usage: No configuration necessary. Upload, activate and done. BBQ blocks bad queries automically to protect your site against malicious URL requests. For advanced protection check out BBQ Pro.
8
+ Author: Jeff Starr
9
+ Author URI: https://plugin-planet.com/
10
+ Contributors: specialk, aldolat, WpBlogHost, jameswilkes, juliobox, lernerconsult
11
+ Donate link: https://m0n.co/donate
12
+ Requires at least: 4.1
13
+ Tested up to: 4.8
14
+ Stable tag: 20170322
15
+ Version: 20170322
16
+ Text Domain: block-bad-queries
17
+ Domain Path: /languages
18
+ License: GPLv2 or later
19
+
20
+ The fastest firewall plugin for WordPress.
21
+
22
+
23
+
24
+ == Description ==
25
+
26
+ > Install, activate, and done! Powerful protection from WP's __fastest__ firewall plugin.
27
+
28
+ [Block Bad Queries](https://perishablepress.com/block-bad-queries/) (BBQ) is a simple, super-fast plugin that protects your site against malicious URL requests. BBQ checks all incoming traffic and quietly blocks bad requests containing nasty stuff like `eval(`, `base64_`, and excessively long request-strings. This is a simple yet solid solution for sites that are unable to use a [strong .htaccess firewall](https://perishablepress.com/6g/).
29
+
30
+ **Awesome Features**
31
+
32
+ * 100% Plug-n-play functionality
33
+ * No configuration required (it just works)
34
+ * Born of speed and simplicity, no frills
35
+ * 100% focused on security and performance
36
+ * Blocks a wide range of malicious requests
37
+ * Blocks directory traversal attacks
38
+ * Blocks executable file uploads
39
+ * Blocks SQL injection attacks
40
+ * Based on the [5G/6G Firewall](https://perishablepress.com/6g/)
41
+ * Scans all incoming traffic and blocks bad requests
42
+ * Scans all types of requests: GET, POST, PUT, DELETE, etc.
43
+ * Works silently behind the scenes to protect your site
44
+ * Hassle-free security plugin that's easy to use
45
+ * Thoroughly tested, error-free performance
46
+ * Compatible with other security plugins
47
+ * Customize blocked strings via [Whitelist/Blacklist plugins](https://perishablepress.com/bbq-whitelist-blacklist/)
48
+
49
+ **Pro Version**
50
+
51
+ For advanced protection and awesome features, check out [BBQ Pro](https://plugin-planet.com/bbq-pro/).
52
+
53
+
54
+
55
+ == Installation ==
56
+
57
+ **Installing BBQ**
58
+
59
+ 1. Install, activate, done.
60
+
61
+ Once active, BBQ automically blocks bad queries to protect your site against malicious URL requests. For more control and stronger protection, [check out BBQ Pro &raquo;](https://plugin-planet.com/bbq-pro/)
62
+
63
+ [More info on installing WP plugins](http://codex.wordpress.org/Managing_Plugins#Installing_Plugins)
64
+
65
+
66
+ **Customizing**
67
+
68
+ * To allow patterns otherwise blocked by BBQ, check out the [BBQ Whitelist plugin](https://perishablepress.com/bbq-whitelist-blacklist/)
69
+ * To block patterns otherwise allowed by BBQ, check out the [BBQ Blacklist plugin](https://perishablepress.com/bbq-whitelist-blacklist/)
70
+
71
+ Note that the [Pro version of BBQ](https://plugin-planet.com/bbq-pro/) makes it possible to customize patterns (add, edit, remove) directly via the plugin settings, with a click.
72
+
73
+
74
+
75
+ == Upgrade Notice ==
76
+
77
+ To upgrade BBQ, remove old version and replace with new version. Or just click "Update" from the Plugins screen and let WordPress do it for you automatically. Nothing else needs done.
78
+
79
+
80
+
81
+ == Screenshots ==
82
+
83
+ Sorry, there are no screenshots for BBQ! Everything is done behind the scenes.
84
+
85
+ The free version of BBQ is strictly plug-n-play, set-it-and-forget-it, with no settings to configure whatsoever. Just install, activate, and enjoy better security and robust protection against malicious requests.
86
+
87
+ The Pro version of BBQ is just as fast and simple to use, but is much more powerful and includes settings to customize and fine-tune your firewall. [Check out screenshots of BBQ Pro](https://plugin-planet.com/bbq-pro/#screenshots) (click the three grey buttons near the top of the page).
88
+
89
+
90
+
91
+ == Frequently Asked Questions ==
92
+
93
+ **What other security plugins do you recommend?**
94
+
95
+ I recently recorded a video tutorial series for Lynda.com on [how to secure WordPress sites](https://m0n.co/securewp). That's a good place to learn more about the best techniques and WP plugins for protecting your site against threats.
96
+
97
+
98
+ **Do I need to do anything else for BBQ to work?**
99
+
100
+ Nope, just install and relax knowing that BBQ is protecting your site from bad URL requests.
101
+
102
+
103
+ **I just installed this plugin and I don�t see NO MENU or any Settings whatsoever? Where is the settings?**
104
+
105
+ No settings page needed for BBQ! Everything is done automatically behind the scenes. Zero configuration required. The free version of BBQ is strictly plug-n-play, set-it-and-forget-it, with no settings to configure whatsoever. Just install, activate, and enjoy better security and robust protection against malicious requests. The Pro version of BBQ is just as fast and simple to use, but is much more powerful and includes robust settings to customize and fine-tune your firewall.
106
+
107
+
108
+ **Is BBQ free version compatible with Wordfence? Does it makes sense to use both?**
109
+
110
+ Yes BBQ free and BBQ Pro are both compatible with any plugin written according to the WP API. And yes, there is benefit to using BBQ with any other security plugin, including Wordfence. They protect against different threats, so using both means you are extra secure.
111
+
112
+
113
+ **Does BBQ make changes to my .htaccess file?**
114
+
115
+ Absolutely not. Unlike other security/firewall plugins, neither BBQ (free version) nor BBQ Pro make any changes to any .htaccess file.
116
+
117
+
118
+ **Does BBQ make any changes to my WP database?**
119
+
120
+ No, the free version of BBQ operates as each page is loaded; it does not make any changes whatsoever to the WP database.
121
+
122
+
123
+ **Does BBQ block malicious strings included in arrays?**
124
+
125
+ Yes, BBQ scans any arrays that are included in the URI request. If any matching patterns are found, the request is blocked.
126
+
127
+
128
+ **Do I need WordPress to run BBQ?**
129
+
130
+ Nope! BBQ is available in the following flavors:
131
+
132
+ * [BBQ Free - WordPress Plugin](https://wordpress.org/plugins/block-bad-queries/)
133
+ * [BBQ Pro - WordPress Plugin](https://plugin-planet.com/bbq-pro/)
134
+ * [BBQ Standalone PHP Script](https://perishablepress.com/block-bad-queries/#bbq-php-script)
135
+
136
+ So you can check out the Standalone PHP Script for sites that are not running WordPress.
137
+
138
+
139
+ **Got a question?**
140
+
141
+ Send any questions or feedback via my [contact form](https://perishablepress.com/contact/).
142
+
143
+
144
+
145
+ == Support development of this plugin ==
146
+
147
+ I develop and maintain this free plugin with love for the WordPress community. To show support, you can [make a cash donation](https://m0n.co/donate), [bitcoin donation](https://m0n.co/bitcoin), or purchase one of my books:
148
+
149
+ * [The Tao of WordPress](https://wp-tao.com/)
150
+ * [Digging into WordPress](https://digwp.com/)
151
+ * [.htaccess made easy](https://htaccessbook.com/)
152
+ * [WordPress Themes In Depth](https://wp-tao.com/wordpress-themes-book/)
153
+
154
+ And/or purchase one of my premium WordPress plugins:
155
+
156
+ * [BBQ Pro](https://plugin-planet.com/bbq-pro/) - Pro version of Block Bad Queries
157
+ * [Blackhole Pro](https://plugin-planet.com/blackhole-pro/) - Pro version of Blackhole for Bad Bots
158
+ * [SES Pro](https://plugin-planet.com/ses-pro/) - Super-simple &amp; flexible email signup forms
159
+ * [USP Pro](https://plugin-planet.com/usp-pro/) - Pro version of User Submitted Posts
160
+
161
+ Links, tweets and likes also appreciated. Thank you! :)
162
+
163
+
164
+
165
+ == Changelog ==
166
+
167
+ **2017/03/22**
168
+
169
+ * Adds plugin settings page
170
+ * Adds French translation (thanks to Bouzin)
171
+ * Generates new default translation template
172
+ * Tests on WordPress version 4.8
173
+
174
+ **2016/11/14**
175
+
176
+ * Replaces `esc_html` with `esc_attr` for link title attributes
177
+ * Changes stable tag from trunk to latest version
178
+ * Adds `&raquo;` to rate this plugin link
179
+ * Updates URL for rate this plugin link
180
+ * Moves "Go Pro" link to action links
181
+ * Renames action/meta link functions
182
+ * Updates default translation template
183
+ * Tests on WordPress version 4.7 (beta)
184
+
185
+ **2016/08/10**
186
+
187
+ * Added translation support
188
+ * Added plugin icons and larger banner
189
+ * General fine-tuning and testing
190
+ * Tested on WordPress 4.6
191
+
192
+ **2016/03/28**
193
+
194
+ * Removed `\:\/\/` from Request URI and Query String patterns (see [this thread](https://wordpress.org/support/topic/redirection-blocked))
195
+ * Added `(benchmark|sleep)(\s|%20)*\(` to Request URI patterns (thanks to [smitka](https://wordpress.org/support/topic/idea-better-sqli-filter))
196
+ * Tested on WordPress 3.5 beta
197
+
198
+ **2015/11/07**
199
+
200
+ * Added `\.php\([0-9]+\)`, `__hdhdhd.php` to URI patterns (Thanks to [George Lerner](http://www.glerner.com/))
201
+ * Added `acapbot`, `semalt` to User Agent patterns (Thanks to [George Lerner](http://www.glerner.com/))
202
+ * Replaced `UNION.*SELECT` with `UNION(.*)SELECT` in Request URI patterns
203
+ * Added `morfeus`, `snoopy` to User Agent patterns
204
+ * Refactored redirect/exit functionality
205
+ * Renamed `rate_bbq()` to `bbq_links()`
206
+ * Tested with WordPress 4.4 beta
207
+
208
+ **2015/08/08**
209
+
210
+ * Tested on WordPress 4.3
211
+ * Updated minimum version requirement
212
+ * Highlighted Pro link on Plugins screen
213
+
214
+ **2015/06/24**
215
+
216
+ * Replaced `UNION\+SELECT` with `UNION.*SELECT`
217
+ * Added `wp-config.php` to query-string patterns
218
+ * Added plugin link to [BBQ Pro](https://plugin-planet.com/bbq-pro/)
219
+ * Testing on WP 4.3 (alpha)
220
+
221
+ **2015/05/07**
222
+
223
+ * Tested with WP 4.2 and 4.3 (alpha)
224
+ * Replaced some `http` with `https` in readme.txt
225
+
226
+ **2015/03/14**
227
+
228
+ * introduce `bbq_core()`
229
+ * tested on latest WP
230
+ * tightened up code
231
+
232
+ **2014/09/22**
233
+
234
+ * tested on latest version of WordPress (4.0)
235
+ * retested on Multisite
236
+ * increased minimum version requirement to WP 3.7
237
+
238
+ **2014/03/05**
239
+
240
+ * Bugfix: added conditional checks for empty variables
241
+
242
+ **2014/01/23**
243
+
244
+ * tested on latest version of WordPress (3.8)
245
+ * added link to rate plugin
246
+
247
+ **2013/11/03**
248
+
249
+ * removed `?>` from script
250
+ * added optional line for blocking long URLs
251
+ * added line to prevent direct access to BBQ script
252
+ * added `\;Nt\.`, `\=Nt\.`, `\,Nt\.` to request URI items
253
+ * tested on latest version of WordPress (3.7)
254
+
255
+ **2013/07/07**
256
+
257
+ * replaced `Nt\.` with `\/Nt\.` (resolves comment editing/approval issue)
258
+
259
+ **2013/07/05**
260
+
261
+ * removed `https\:` (from previous version)
262
+ * replaced `\/https\/` with `\/https\:`
263
+ * replaced `\/http\/` with `\/http\:`
264
+ * replaced `\/ftp\/` with `\/ftp\:`
265
+
266
+ **2013/07/04**
267
+
268
+ * removed block for `jakarta` in user-agents
269
+ * removed `union` from query strings
270
+ * added to request-URI: `\%2Flocalhost`, `Nt\.`, `https\:`, `\.exec\(`, `\)\.html\(`, `\{x\.html\(`, `\(function\(`
271
+ * resolved PHP Notice "Undefined Index" via `isset()`
272
+
273
+ **2013/01/03**
274
+
275
+ * removed block for `CONCAT` in request-URI
276
+ * removed block for `environ` in query-string
277
+ * removed block for `%3C` and `%3E` in query-string
278
+ * removed block for `%22` and `%27` in query-string
279
+ * removed block for `[` and `]` in query-string (to allow unsafe characters used in WordPress)
280
+ * removed block for `?` in query-string (to allow unsafe character used in WordPress)
281
+ * removed block for `:` in query-string (to allow unsafe character used by Google)
282
+ * removed block for `libwww` in user-agents (to allow access to Lynx browser)
283
+
284
+ **2012/11/08**
285
+
286
+ * Removed `:` match from query string (Google disregards encoding)
287
+ * Removed `scanner` from query string from query string match
288
+ * Streamlined source code for better performance (thanks to juliobox)
289
+
290
+ **Older versions**
291
+
292
+ * 2012/10/27 - Disabled check for long strings, disabled check for scanner
293
+ * 2012/10/26 - Rebuilt plugin using 5G/6G technology
294
+ * 2011/02/21 - Updated readme.txt file
295
+ * 2009/12/30 - Added check for admin users
296
+ * 2009/12/30 - Additional request strings added
297
+
298
+
uninstall.php ADDED
@@ -0,0 +1,5 @@
1
+ <?php // Block Bad Queries - Uninstall Remove Options
2
+
3
+ if (!defined('ABSPATH') && !defined('WP_UNINSTALL_PLUGIN')) exit();
4
+
5
+ delete_option('bbq_options_free');