BBQ: Block Bad Queries - Version 20200811

Version Description

To upgrade BBQ, remove the old version and replace it with the new version. Or just click "Update" from the Plugins screen and let WordPress do it for you automatically. Nothing else needs to be done.


Release Info

Developer specialk
Version 20200811

Code changes from version 20200706 to 20200811

Files changed (2) hide show
  1. block-bad-queries.php +5 -5
  2. readme.txt +14 -7
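--- a/block-bad-queries.php
+++ b/block-bad-queries.php
@@ -10,9 +10,9 @@
  Contributors: specialk, aldolat, WpBlogHost, jameswilkes, juliobox, lernerconsult
  Donate link: https://monzillamedia.com/donate.html
  Requires at least: 4.1
- Tested up to: 5.4
- Stable tag: 20200706
- Version: 20200706
+ Tested up to: 5.5
+ Stable tag: 20200811
+ Version: 20200811
  Requires PHP: 5.6.20
  Text Domain: block-bad-queries
  Domain Path: /languages
@@ -38,7 +38,7 @@
 
  if (!defined('ABSPATH')) die();
 
- if (!defined('BBQ_VERSION')) define('BBQ_VERSION', '20200706');
+ if (!defined('BBQ_VERSION')) define('BBQ_VERSION', '20200811');
  if (!defined('BBQ_FILE')) define('BBQ_FILE', plugin_basename(__FILE__));
  if (!defined('BBQ_DIR')) define('BBQ_DIR', plugin_dir_path(__FILE__));
  if (!defined('BBQ_URL')) define('BBQ_URL', plugins_url('/block-bad-queries/'));
@@ -46,7 +46,7 @@ if (!defined('BBQ_URL')) define('BBQ_URL', plugins_url('/block-bad-queries/
  function bbq_core() {
 
  $request_uri_array = apply_filters('request_uri_items', array('@eval', 'eval\(', 'UNION(.*)SELECT', '\(null\)', 'base64_', '\/localhost', '\%2Flocalhost', '\/pingserver', 'wp-config\.php', '\/config\.', '\/wwwroot', '\/makefile', 'crossdomain\.', 'proc\/self\/environ', 'usr\/bin\/perl', 'var\/lib\/php', 'etc\/passwd', '\/https\:', '\/http\:', '\/ftp\:', '\/file\:', '\/php\:', '\/cgi\/', '\.cgi', '\.cmd', '\.bat', '\.exe', '\.sql', '\.ini', '\.dll', '\.htacc', '\.htpas', '\.pass', '\.asp', '\.jsp', '\.bash', '\/\.git', '\/\.svn', ' ', '\<', '\>', '\/\=', '\.\.\.', '\+\+\+', '@@', '\/&&', '\/Nt\.', '\;Nt\.', '\=Nt\.', '\,Nt\.', '\.exec\(', '\)\.html\(', '\{x\.html\(', '\(function\(', '\.php\([0-9]+\)', '(benchmark|sleep)(\s|%20)*\(', 'indoxploi', 'xrumer', 'guangxiymcd'));
- $query_string_array = apply_filters('query_string_items', array('@@', '\(0x', '0x3c62723e', '\;\!--\=', '\(\)\}', '\:\;\}\;', '\.\.\/', '127\.0\.0\.1', 'UNION(.*)SELECT', '@eval', 'eval\(', 'base64_', 'localhost', 'loopback', '\%0A', '\%0D', '\%00', '\%2e\%2e', 'allow_url_include', 'auto_prepend_file', 'disable_functions', 'input_file', 'execute', 'file_get_contents', 'mosconfig', 'open_basedir', '(benchmark|sleep)(\s|%20)*\(', 'phpinfo\(', 'shell_exec\(', '\/wwwroot', '\/makefile', 'path\=\.', 'mod\=\.', 'wp-config\.php', '\/config\.', '\$_session', '\$_request', '\$_env', '\$_server', '\$_post', '\$_get', 'indoxploi', 'xrumer', 'guangxiymcd'));
+ $query_string_array = apply_filters('query_string_items', array('@@', '\(0x', '0x3c62723e', '\;\!--\=', '\(\)\}', '\:\;\}\;', '\.\.\/', '127\.0\.0\.1', 'UNION(.*)SELECT', '@eval', 'eval\(', 'base64_', 'localhost', 'loopback', '\%0A', '\%0D', '\%00', '\%2e\%2e', 'allow_url_include', 'auto_prepend_file', 'disable_functions', 'input_file', 'execute', 'file_get_contents', 'mosconfig', 'open_basedir', '(benchmark|sleep)(\s|%20)*\(', 'phpinfo\(', 'shell_exec\(', '\/wwwroot', '\/makefile', 'path\=\.', 'mod\=\.', 'wp-config\.php', '\/config\.', '\$_session', '\$_request', '\$_env', '\$_server', '\$_post', '\$_get', 'indoxploi', 'xrumer', '^www\.(.*)\.cn$'));
  $user_agent_array = apply_filters('user_agent_items', array('acapbot', '\/bin\/bash', 'binlar', 'casper', 'cmswor', 'diavol', 'dotbot', 'finder', 'flicky', 'md5sum', 'morfeus', 'nutch', 'planet', 'purebot', 'pycurl', 'semalt', 'shellshock', 'skygrid', 'snoopy', 'sucker', 'turnit', 'vikspi', 'zmeu'));
 
  $request_uri_string = false;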
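Review bot: The new query-string entry `'^www\.(.*)\.cn$'` on line 49 is not a superset of the `'guangxiymcd'` literal it replaces: with `^` and `$` it can presumably match only when the whole query string is a `www.….cn` hostname, so a query string that merely contains `guangxiymcd` is no longer caught by this list. The same literal stays in `$request_uri_array` on line 48, so the two lists now disagree, while the changelog describes a plain replacement. If the narrowing is not intended, keep both entries, `'xrumer', 'guangxiymcd', '^www\.(.*)\.cn$'));`, and add a comment above the array such as `// anchored entries (^…$) match the entire query string only`. How the entries are joined and applied is in the part of `bbq_core()` that continues outside this hunk, so the anchoring behaviour should be confirmed there.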
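--- a/readme.txt
+++ b/readme.txt
@@ -10,9 +10,9 @@ Author URI: https://plugin-planet.com/
  Contributors: specialk, aldolat, WpBlogHost, jameswilkes, juliobox, lernerconsult
  Donate link: https://monzillamedia.com/donate.html
  Requires at least: 4.1
- Tested up to: 5.4
- Stable tag: 20200706
- Version: 20200706
+ Tested up to: 5.5
+ Stable tag: 20200811
+ Version: 20200811
  Requires PHP: 5.6.20
  Text Domain: block-bad-queries
  Domain Path: /languages
@@ -29,6 +29,7 @@ The fastest firewall plugin for WordPress.
 
  [Block Bad Queries](https://perishablepress.com/block-bad-queries/) (BBQ) is a simple, super-fast plugin that protects your site against malicious URL requests. BBQ checks all incoming traffic and quietly blocks bad requests containing nasty stuff like `eval(`, `base64_`, and excessively long request-strings. This is a simple yet solid solution for sites that are unable to use a [strong .htaccess firewall](https://perishablepress.com/6g/).
 
+
  **Awesome Features**
 
  * 100% Plug-n-play functionality
@@ -49,11 +50,11 @@ The fastest firewall plugin for WordPress.
  * Regularly updated and "future proof"
  * Customize blocked strings via [Whitelist/Blacklist plugins](https://perishablepress.com/bbq-whitelist-blacklist/)
 
+
  **Privacy**
 
  This plugin does not collect or store any user data. It does not set any cookies, and it does not connect to any third-party locations. Thus, this plugin does not affect user privacy in any way.
 
- > Works perfectly with or without Gutenberg Block Editor
 
  **Pro Version**
 
@@ -69,7 +70,7 @@ For advanced protection and awesome features, check out [BBQ Pro](https://plugin
 
  Once active, BBQ automically blocks bad queries to protect your site against malicious URL requests. For more control and stronger protection, [check out BBQ Pro &raquo;](https://plugin-planet.com/bbq-pro/)
 
- [More info on installing WP plugins](https://codex.wordpress.org/Managing_Plugins#Installing_Plugins)
+ [More info on installing WP plugins](https://wordpress.org/support/article/managing-plugins/#installing-plugins)
 
 
  **Customizing**
@@ -119,9 +120,9 @@ Nope, just install and relax knowing that BBQ is protecting your site from bad U
  No settings needed for BBQ! Everything is done automatically behind the scenes. Zero configuration required. The free version of BBQ is strictly plug-n-play, set-it-and-forget-it, with no settings to configure whatsoever. Just install, activate, and enjoy better security and robust protection against malicious requests. The Pro version of BBQ is just as fast and simple to use, but is much more powerful and includes robust settings to customize and fine-tune your firewall.
 
 
- **Is BBQ free version compatible with Wordfence? Does it makes sense to use both?**
+ **Is BBQ free version compatible with Wordfence?**
 
- Yes BBQ free and BBQ Pro are both compatible with any plugin written according to the WP API. And yes, there is benefit to using BBQ with any other security plugin, including Wordfence. They protect against different threats, so using both means you are extra secure.
+ Does it makes sense to use both? Yes BBQ free and BBQ Pro are both compatible with any plugin written according to the WP API. And yes, there is benefit to using BBQ with any other security plugin, including Wordfence. They protect against different threats, so using both means you are extra secure.
 
 
  **Does BBQ make changes to my .htaccess file?**
@@ -204,6 +205,12 @@ Links, tweets and likes also appreciated. Thank you! :)
  If you like BBQ, please take a moment to [give a 5-star rating](https://wordpress.org/support/plugin/block-bad-queries/reviews/?rate=5#new-post). It helps to keep development and support going strong. Thank you!
 
 
+ **2020/08/11**
+
+ * Replaces `guangxiymcd` with wildcard match `www.(.*).cn`
+ * Refines readme/documentation
+ * Tests on WordPress 5.5
+
  **2020/07/06**
 
  * Adds `guangxiymcd` to Request URI and Query String patterns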