Description

🔥 Install, activate, and done!
🔥 Powerful protection from WP’s fastest firewall plugin.

BBQ Firewall is a lightweight, blazing-fast firewall plugin that protects your site against a wide range of threats. BBQ checks all incoming traffic and quietly blocks bad requests containing nasty stuff like eval(, base64_, and excessively long request-strings. This is a simple yet solid solution for sites that are unable to use a strong Apache/.htaccess firewall.

🔥 Adds a strong firewall to ANY WordPress site
🔥 Works with all WordPress plugins and themes

Protection puissante

BBQ protects your site against many threats:

Attaques par injection SQL
Téléchargements de fichiers exécutables
Attaques de traversée de répertoire
Requêtes de personnage non sécurisées
Demandes trop longues
Exécution à distance/fichier PHP
XSS, XXE et attaques associées
Protège contre les mauvais robots
Protège contre les mauvais référents
Protects against bad POST content
Protects against many other bad requests

🔥 Works great with Blackhole for Bad Bots and Banhammer

Fonctionnalités géniales

BBQ fournit toutes les meilleures fonctionnalités de pare-feu :

Noté 5 étoiles sur WordPress.org
100% plug &-play, aucune configuration
100 % concentré sur la sécurité et la performance
Blocks a wide range of malicious URL requests
Fastest Web Application Firewall (WAF) for WordPress
Based on the 7G/8G Firewall
Analyse tout le trafic entrant et bloque les mauvaises requêtes
Vérifie tous les types de requêtes : GET, POST, PUT, DELETE, etc.
Protège contre les bad bots et les référents connus
Fonctionne silencieusement dans les coulisses pour protéger votre site
Extension de sécurité simple à utiliser et sans prise de tête
Des performances rigoureusement testées et sans erreur
Taux de faux positifs extrêmement faible
Compatible avec d’autres extensions de sécurité
Regularly updated and « future proof »
Firewall < 10 kilobytes in size
Léger, rapide et flexible

🔥 For advanced protection and features, check out BBQ Pro »

Exclusive Pro Features

Customize firewall via plugin settings
Easily add or remove firewall patterns
Easily add Jeff Starr’s AI Block List
Send Email Alerts for blocked requests
Quickly enable/disable firewall rules
Disable firewall for logged-in users
Block excessively long URI requests
Protect against XML-RPC exploits
Block any individual IP address
Block entire ranges of IP addresses
Protect against user-ID phishing
Redirect all blocked requests
Display a custom « blocked » message
Set your own response status code
Complete inline documentation
Statistics for blocked requests
Tools to reset options and patterns
Import and Export firewall patterns
One-click pattern testing
Whitelist IP addresses

..plus everything the free version can do and more.

🔥 Learn more and get BBQ Pro »

Confidentialité

This plugin does not collect or store any user data. It does not set any cookies, and it does not connect to any third-party locations. Thus, this plugin does not affect user privacy in any way.

BBQ Firewall is developed and maintained by Jeff Starr, 15-year WordPress developer and book author.

🔥 BBQ = Block Bad Queries

Support development

I develop and maintain this free plugin with love for the WordPress community. To show support, you can make a donation or purchase one of my books:

Et/ou achetez une de mes extensions WordPress premium

BBQ Pro – Blazing fast WordPress firewall
Blackhole Pro – Bloque automatiquement les mauvais robots
Banhammer Pro – Surveillez le trafic et bannissez les méchants
GA Google Analytics Pro – Connecter WordPress à Google Analytics
Head Meta Pro – Ultimate Meta Tags for WordPress
REST Pro Tools – Awesome tools for managing the WP REST API
Simple Ajax Chat Pro – Unlimited chat rooms
USP Pro – Formulaires frontaux illimités

Les liens, tweets et j’aime sont aussi les bienvenus. Merci ! 🙂

Installation

Installation du barbecue

Installez, activez et c’est terminé.

Une fois actif, BBQ protège automatiquement votre site contre les menaces. Tranquillement, dans les coulisses. Pour plus de contrôle et une protection renforcée, consultez BBQ Pro »

More info on installing WP plugins

Personnalisation

BBQ Firewall is designed to be super lightweight and fast. Here are some addons that can be used to customize default functionality.

BBQ Whitelist – Allow patterns that otherwise would be blocked
BBQ Blacklist – Block patterns that otherwise would be allowed
BBQ Display Count – Display the total block count on the plugin settings page
BBQ Customize Features – Block long requests, log blocked patterns, enable POST protection, and customize response headers (e.g., for redirecting blocked requests)

Note that the Pro version of BBQ makes it possible to customize patterns and everything else directly via the plugin settings, with a click. BBQ Pro also displays the current block count for each firewall rule, like this.

Désinstallation

This plugin cleans up after itself. All plugin settings will be removed from the WordPress database when the plugin is deleted via the WP Plugins screen.

Like the plugin?

If you like BBQ, please take a moment to give a 5-star rating. It helps to keep development and support going strong. Thank you!

FAQ

How to test that the plugin is working?

Visit the plugin settings page and click the « Test Firewall » link.

Proposez-vous des extensions de sécurité ?

Yes, three of them:

BBQ Firewall for blazing-fast firewall security
Blackhole for Bad Bots pour protéger votre site contre les bad bots
Banhammer pour surveiller et bannir tout utilisateur ou adresse IP

Versions Pro avec plus de fonctionnalités disponibles sur Plugin Planet.

Ai-je besoin d’autre chose pour que BBQ fonctionne ?

Non, installez-le et relaxez-vous en sachant que BBQ protège votre site des mauvaises requêtes.

Where are the plugin settings?

No settings needed for BBQ! Everything is done automatically behind the scenes. Zero configuration required. The free version of BBQ is strictly plug-n-play, set-it-and-forget-it, with no settings to configure whatsoever. Just install, activate, and enjoy better security and robust protection against malicious requests. The Pro version is just as fast and simple to use, but is much more powerful and includes robust settings to customize and fine-tune your firewall.

Is BBQ free version compatible with Wordfence?

Does it makes sense to use both? Yes BBQ free and BBQ Pro are both compatible with any plugin written according to WP APIs. And yes, there is benefit to using BBQ with any other security plugin, including Wordfence. They protect against different threats, so using both provides additional protection.

BBQ modifie t-il mon fichier .htaccess ?

Absolument pas. Contrairement à d’autres extensions de sécurité, ni BBQ (version gratuite), ni BBQ Pro ne modifient le fichier .htaccess.

BBQ apporte t-il des modifications à ma base de données WP ?

Only two tiny options are stored in the database; one option for the plugin version, and another option that stores an expiration date for the banner ad on the plugin settings page. Everything else happens at runtime. No other options are stored in the database. Also, both options are removed completely when the plugin is uninstalled via the WP Plugins screen.

Est-ce que BBQ bloque les chaînes malveillantes incluses dans les tableaux ?

Yes, BBQ scans any arrays that are included in the URI request. If any matching patterns are found, the request is blocked.

My PHP scanner/checker plugin says there is an error?

If some PHP scanner is reporting an error or bad string in BBQ, it’s a false positive and safe to ignore. Why? Because the PHP checker is finding the static strings/patterns that BBQ uses to identify and block bad requests. In other words, the PHP scanner is finding a static string thinking it is live code. It’s not. If possible, please take a moment to report this to the developers of your PHP scanner. They should be happy to improve the accuracy and quality of their plugin. More info.

Can I use BBQ and 7G/8G Firewall at the same time?

Full question: « Except most of the rules overlapping, is it counter productive (site slowing down for example, potential conflicts, bugs) or is there any risks using 7G/8G Firewall + BBQ at the same time? »

Answer: It’s fine to run both BBQ and 7G/8G Firewall at the same time. Both firewalls are super fast, so they won’t slow things down. In other words the two firewalls play well together. The only downside is that some of the rules will be redundant, but there should be no negative impact on performance. The upside is that you get extra protection when using both, as there are variations in the firewall rules and patterns, etc.

How to enable logging?

You can use a free addon to display the total number of blocked requests on the BBQ settings page. Here is a guide that explains how to set it up.

Alternately, BBQ can be configured to log the matching pattern for each blocked request. When match-logging is enabled, BBQ will add a log entry in the site’s default error log. To enable match logging, use the free customize plugin.

Note that the Pro version of BBQ displays the current block count for each firewall rule, like this. All automatic, fiddling with code NOT required 🙂

Une question ?

Envoyez vos questions ou commentaires via mon formulaire de contact.

Avis

emd37 4 février 2026

Installation simple protection max, merci !

mikapin 26 décembre 2025

Thanks to @Jeff Starr, who is a security expert and shares very useful information on his website. BBQ is a great WordPress security plugin.

nebuldu 27 novembre 2025

I have used BBQ Pro plugin for a few years to protect my website, and I appreciate the creators of this plugin. I recommend this plugin to everyone who has a WordPress website.

pgmachtweb 24 novembre 2025

Easy setup, strong protection, zero bloat. Ideal for keeping WordPress clean and secure.

therinjfoundation 15 novembre 2025

As firewalls go, BBQ is a unique brand plus style of operation and it is very functional. No firewall stops everything but this one excels because it is a little outside the box in its design doctrine, dodging the tricky parts of building a firewall inside a system-wide firewall for the specific and unique requirements of a WordPress site. I will send a donation and send my thanks to the developers and best wishes for longevity and many happy days and years with this awesome project. Stick with it, folks, and have fun—with our thanks.Micheal John