What if you only use BBQ?

  • Resolved rdkcreative

    (@rdkcreative)


    4 years, 8 months ago

    I see a lot of people asking for compatibility of BBQ with other security plugins. But is it necessary to use other security plugins in parallel with BBQ? If so, what is it that BBQ is lacking that other solutions provide?

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Author Jeff Starr

    (@specialk)

    Glad to help:

    1) “is it necessary to use other security plugins in parallel with BBQ?”

    No plugin can provide 100% security. And each site has its own unique security needs. If you want to protect against bad requests and other threats, then a firewall such as BBQ will help. Then if you want to add other types of security features, like virus detection or whatever, there are plugins that can do it. There also are plugins that do multiple things, like provide a firewall and virus protection. Some people prefer to add task-specific plugins to keep things light and flexible. Other folks prefer the “all-in-one” type plugins that try to do everything. Ultimately it’s your call.

    2) “If so, what is it that BBQ is lacking that other solutions provide?”

    BBQ provides a super lightweight and fast firewall that protects against a wide range of bad requests. It’s security rules are based on extensive research and designed to give the widest possible protection with minimal false positives. There are other firewalls out there, each brings its own set of rules that blocks different types of threats.

    I hope that helps. Let me know if I can provide any further infos.

    Thread Starter rdkcreative

    (@rdkcreative)

    Thanks for the info Jeff. Does the plugin protect against brute force attacks?

    Plugin Author Jeff Starr

    (@specialk)

    Not in general, however brute force attacks take many different forms. So any attack utilizing patterns blocked by BBQ will be stopped.

    Thread Starter rdkcreative

    (@rdkcreative)

    On my host I have Imunify360 and Patchman running. I’m leaning towards removing Wordfence, deactivating xml-rpc using htaccess and then have BBQ as the only security plugin. Still debating if I should add a limit login attempts plugin.

    Plugin Author Jeff Starr

    (@specialk)

    If it helps, I secure some of my sites using nothing but solid hosting, free (or pro) BBQ, and some miscellaneous .htaccess techniques (like you suggest disabling xml-rpc etc.). Works great, very lightweight/fast, and easy to set up.

    For login-limit type plugin, it is only needed if you don’t have control over users and their passwords. If you can’t enforce super strong passwords, then limiting login attempts can be useful. Otherwise using strong passwords (for all users) is more than sufficient.

    • This reply was modified 4 years, 8 months ago by Jeff Starr. Reason: clarity
Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘What if you only use BBQ?’ is closed to new replies.