WordPress.org

Ready to get started?Download WordPress

Forums

BBQ: Block Bad Queries
[resolved] [Plugin: Block Bad Queries (BBQ)] Why not block bad queries for administrators? (4 posts)

  1. fwchapman
    Member
    Posted 2 years ago #

    Thank you for your Block Bad Queries (BBQ) plugin, which is very similar to the functionality recommended in the How to Fix tab of the Ultimate Security Checker (USC) plugin. Unfortunately, BBQ does nothing if the user is logged in as an administrator, which is the only way a user can run the USC tests! This causes a false positive in USC, which reports that the site is still vulnerable to malicious URL requests.

    Why do you disable BBQ functionality for administrators? In my opinion, BBQ should be enabled for all users, regardless of capabilities.

    Would you please consider releasing an update which addresses this issue?

    Thanks very much,

    Fred Chapman

    http://wordpress.org/extend/plugins/block-bad-queries/

  2. fwchapman
    Member
    Posted 1 year ago #

    Okay, I've discovered a reason why BBQ should be disabled for administrative users: if BBQ is active for admins, it prevents the admin from emptying the trash for comments (as strange as that may sound).

  3. Jeff Starr
    Member
    Plugin Author

    Posted 1 year ago #

    Hi fwchapman, yes you are correct for the old version of the plugin, which is now rebuilt to protect the entire WP-powered site, including the admin area. If you encounter blocking of any other good URLs, please post them here so we can take a look. Thanks.

  4. fwchapman
    Member
    Posted 1 year ago #

    Jeff, thanks for your reply, and for improving BBQ! -Fred

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic