Keyword-based search blocking

If your search logs are full of spam with repeating keywords, you’re being targeted by a spammer. Their goal is to get visibility to their malicious URLs, hoping Google will index your search results pages with their spam URL in it.

There are probably better ways to stop these kinds of spammers, but here’s one approach you can use without any access to server-level settings. Add the following code to the theme functions.php:

add_filter( 'pre_get_posts', 'rlv_block_search' );
function rlv_block_search( $query ) {
    // Only act when the query carries a search string.
    if ( ! empty( $query->query_vars['s'] ) ) {
        // Add blacklist entries here; no need for whole words, use the smallest part you can.
        $blacklist = array( '大奖', 'q82' );
        foreach ( $blacklist as $term ) {
            // Case-insensitive, multibyte-safe substring match; stop WordPress on a hit.
            if ( mb_stripos( $query->query_vars['s'], $term ) !== false ) {
                exit();
            }
        }
    }
}

Now any search that includes a blacklisted term stops WordPress execution immediately. Be careful and only list things in the blacklist that are never legitimate searches. Parts of spammer URLs and, for example, Chinese characters on a site with no Chinese content are fairly safe bets. You can find your own problem search terms in the site search logs.
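The snippet above does its job, but a bare exit() inside pre_get_posts also fires for admin screens, REST requests and any secondary WP_Query that happens to carry a search string, and it leaves nothing in the logs to say why the request died. The following is an added example, not code from the original post or from the Relevanssi plugin, showing a hardened variant: it checks only the main front-end search query, keeps the blacklist in a WordPress option so it can be edited without touching the theme, normalises the search string before matching, records the hit when debug logging is on, and answers with an explicit 403 plus no-cache headers so the block is visible in access logs and never stored by a page cache. The function and option names (rlv_example_*) are hypothetical, and the default blacklist entries are the constructed samples from the post.

```php
<?php
// Added example (not part of the original post). Paste below the opening
// <?php tag of the theme's functions.php. All rlv_example_* names are hypothetical.

function rlv_example_search_blacklist() {
    // Constructed sample entries; replace with terms taken from your own search logs.
    $default = array( '大奖', 'q82' );
    // Stored in an option so the list can be edited without changing theme code.
    $terms = get_option( 'rlv_example_search_blacklist', $default );
    if ( ! is_array( $terms ) ) {
        return $default;
    }
    return array_filter( array_map( 'strval', $terms ) );
}

function rlv_example_normalise( $s ) {
    // NFC-normalise when the intl extension is present, so composed and
    // decomposed forms of the same characters compare equal.
    if ( function_exists( 'normalizer_normalize' ) ) {
        $n = normalizer_normalize( $s, Normalizer::FORM_C );
        if ( $n !== false ) {
            $s = $n;
        }
    }
    return mb_strtolower( trim( $s ), 'UTF-8' );
}

function rlv_example_matches_blacklist( $search, $terms ) {
    $haystack = rlv_example_normalise( $search );
    foreach ( $terms as $term ) {
        $needle = rlv_example_normalise( $term );
        if ( $needle !== '' && mb_strpos( $haystack, $needle, 0, 'UTF-8' ) !== false ) {
            return $term; // the entry that matched, useful for logging
        }
    }
    return false;
}

function rlv_example_block_search( $query ) {
    // Leave admin screens, REST calls and secondary queries alone:
    // only the main front-end search query is subject to blocking.
    if ( is_admin() || ! $query->is_main_query() || ! $query->is_search() ) {
        return;
    }
    $search = $query->get( 's' );
    if ( ! is_string( $search ) || $search === '' ) {
        return;
    }
    $hit = rlv_example_matches_blacklist( $search, rlv_example_search_blacklist() );
    if ( $hit === false ) {
        return;
    }
    // Record which entry fired so the blacklist can be reviewed for false positives.
    if ( defined( 'WP_DEBUG_LOG' ) && WP_DEBUG_LOG ) {
        $ip = isset( $_SERVER['REMOTE_ADDR'] ) ? $_SERVER['REMOTE_ADDR'] : 'unknown';
        error_log( sprintf( 'Blocked search matching blacklist entry "%s" from %s', $hit, $ip ) );
    }
    // Explicit 403 with no-cache headers: visible in access logs, never cached.
    nocache_headers();
    wp_die( 'Forbidden', 'Forbidden', array( 'response' => 403 ) );
}
add_action( 'pre_get_posts', 'rlv_example_block_search' );
```

Because the match is a substring test, the same caution as in the post applies: a short entry such as a two-letter fragment will also block genuine searches containing it, so review the debug log for a while after adding an entry and prefer the longest fragment that still catches the spam.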

2 comments

  1. Hi there,

    is this also the recommended approach to stop what looks to me like SQL injection attempts?

    Recently, my logs are full of search terms such as:

    puerto plata’ and sleep(3) and ‘1

    puerto plata1111111111111’ union select char(45,120,49,45,81,45),char(45,120,50,45,81,45),char(45,120,51,45,81,45),char(45,120,52,45,81,45),char(45,120,53,45,81,45),char(45,120,54,45,81,45),char(45,12

    Thank you.

    1. Yes, that’s an injection attack attempt. No need to worry about it, though: it’s not possible to do a SQL injection attack through Relevanssi search, all search terms are escaped and safe. Blocking can be used to keep these queries from polluting your logs, but it’s not necessary for security.
