bots are spamming my site’s search url (I think?)

  • Resolved Kate

    (@katebopp)


    2 weeks, 3 days ago

    Hi. We have recently uncovered a problem with bots spamming our search form and/or WordPress search URL. I am pretty new to spam attacks, so I only have a limited understanding of what is going on.

    To begin, our search plugin developer (SearchWP) sends us weekly auto-generated summary emails of our search’s performance. We never paid attention to these emails until recently. In the second week of January, the SearchWP summary email showed a large uptick in traffic to our search form. Our business is fairly niche. We have a relatively high conversion rate with regard to traffic. Essentially, we are used to low traffic. Between the week of January 6th and January 13th, the number of searches multiplied by 10 (it went from about 110 searches to about 1100). 3 weeks later it multiplied by 10 again (now 12,000) searches. The search queries are random and odd and have nothing to do with our niche business.

    When I contacted the SearchWP developers, they told me that it seems like bots and that I would need to institute some server level measures to prevent these bots. I talked to my host, and they told me to try and gather more information about the spam events and then they would help me with my robots.txt file. They asked for logs of these events to analyze what bot(s) is doing this.

    So that is the situation. Now, regarding CleanTalk: I looked in my anti-spam and firewall logs and I didn’t see any mention of the strange red-flag search terms. Is it possible for me to use CleanTalk antispam to address any piece of this problem?

    One more thing, the search plugin developers said “In WordPress, searches can be triggered?directly from the URL?using the?‘s’?parameter, without requiring the use of a search form. When the search page loads, these queries get logged into the?SearchWP?metrics, which could explain the spike in irrelevant searches.

    I tried looking for events in my antispam logs regarding the s parameter, but nothing really stood out.

    Thank you for your time.

    The page I need help with: [log in to see the link]

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Support katereji

    (@katereji)

    Hello.

    We recommend enabling the Anti-Crawler option to block bots from even accessing your site. This option is designed for blocking any bots (with the exceptions): https://cleantalk.org/help/anti-flood-and-anti-crawler#anticrawl.

    We also recommend updating the Anti-Spam plugin, you have installed one of the previous version, not the latest one.

    Please let us know if the suggested solution helped.

    Plugin Support sergecleantalk

    (@sergecleantalk)

    Hello.
    We haven’t heard back from you in a few days, so I’m going to mark this topic as “resolved”.
    If you have any further questions, you can start a new topic or contact us via our private Ticket System:?https://cleantalk.org/my/support/open.

    Thread Starter Kate

    (@katebopp)

    Thank you! Sorry it took us awhile to get back to you. We updated the site and enabled the Anti-Crawler setting that you suggested. That’s fine that you marked this resolved. After I receive more SearchWP weekly email summaries to use as comparison, I will respond to this if the problem persists. Thank you for your help and have a nice day.

    Plugin Support SergeM

    (@serge00)

    Thank you too for informing us.

    Let us know how the things go any day. We’ll do our best to resolve any issues with CleanTalk.

Viewing 4 replies - 1 through 4 (of 4 total)
  • You must be logged in to reply to this topic.