WordPress Search Engine Plugin - Use Case - How To Stop Malicious IPs From Slowing Down Your Site With Many Search Requests

Use Case - How to stop malicious IPs from slowing down your site with many search requests

Back to User Guides

Introduction

The WordPress Search Engine Plugin drastically improves the default WordPress search function, directing users to relevant content without hassle. Automatically redirects users based on search queries, suggest query terms, and replace unwanted words.

The WordPress Search Engine Plugin also protects your website from hackers and spam bots attempting to crash your site with DoS (denial-of-service) attacks.

Use Case Front-End

Example of searching for banned term with displaying an error message:

Example of searching for banned term with redirecting the user to defined URL:

Use Case Assumptions

In this example use case guide we will consider how to stop malicious IP's from slowing down your site with many search requests. Each time a search is blocked the user IP address is logged. You can easily block it from the Banned IPs dashboard. Ban negates searches of specified terms, either displaying a customizable denied message or redirecting the user. 

We consider that you have already bought the plugin, but not installed it yet.

It follows:

• Installing the plugin
• Setting up
• Banned dashboard
• Banned IPs list
• Search terms log
• End Result

Installing the Plugin

The process is the same for all CM plugins and add-ons.

• Download the plugin from your customer dashboard.
• Log in to WordPress and navigate to the WordPress Admin → Plugins settings.
• Click on Add New.
• Activate it and add the license.

Learn more: Getting Started - Plugin Overview

Setting up

Let's start acquainting with the plugin from its settings. Navigate to Admin Dashboard → CM Search Console → Settings.

Feature Control

In this section you can disable or enable core features of this plugin.

• Disable Redirect - Disable all the rules in the Redirect Dashboard. (Learn more about this feature in this Use Case)
• Disable Replace - Disable all the rules in the Replace Dashboard. (Learn more about this feature in this Use Case)
• Disable Autocomplete - Disable all the rules in the autocomplete Dashboard. (Learn more about this feature in this Use Case)
• Disable Banned - Disable all the rules in the Banned Dashboard. (We will consider this feature more detailed lower)
• Disable Loading icon - Disable the loading icon after searching.

Loading Settings

• Loading label - Change the text of "Searching..." label.

Banned Setting

The settings in this section define what happens when users search for a banned term.

• Banned Search Result - Choose the action when the user searches for banned term. The options are:
  • Show Error Message - Displays a customizable message to the user.
  • Redirect - Sends the user to a specified URL.

• Banned Message - Customize a message that the user will see if in Banned Search Result is chosen Show Error Message. Example:

  

• Banned Redirect Url - Set the URL where the user will be redirected if in Banned Search Result is chosen Redirect. It can be in advanced prepared page with some information about forbidden requests. Example:

  

• Ban Empty Search - Choose yes to add a rule that bans empty searches.

• Whitelisted IP - A list of IPs which should not get on the banned IP list. If there is more than one IP address, they must be separated by comma. Example:

  

Banned Dashboard

Now it's time to create some rules banning unwanted search requests.

Navigate to Admin Dashboard → CM Search Console → Dashboards.

Locate there a tab called Banned Dashboard.

There you can see that one rule is already created - "\s+". This is a rule for empty requests. It's created because in plugin settings the option Ban Empty Search is enabled - to remove this rule you need to disable the option.

To create a new rule, click the button Add Banned Term. Write the term that you want to ban in the field and then click Save Changes. You can delete the rule at any time by clicking the button Delete next to the rule. To cancel the actions before they were saved click the button Cancel.

In the same way you can create any number of rules. Let's look at the example of how the list with a few created rules can look like:

Now let's see how it works on the Front-end. 

In the first example in the option Banned Search Result is chosen Show Error Message, so it will just show the error message to the user, who looks for the forbidden term:

In the second example in the option Banned Search Result is chosen Redirect, the user who looks for the forbidden term will be redirected to the defined by you URL:

Banned IPs List

Banned IPs list shows you a list of all IP addresses that searched for banned terms. To manage it navigate to Admin Dashboard → CM Search Console → Banned terms log.

There you can see a table with the list of IPs and commit some actions with them.

1. Erase the log - Click it to remove all records about IPs.
2. Export for .htaccess - Click it to export the list of banned IPs. Note: it exports not all IPs from the list, but only banned.
3. Filter by dates - Filter IPs by date. Choose the period of time by setting start and end date, and then click the button Apply.
4. Filter Banned - Check this box and click Apply to filter banned IPs.
5. IP - Click it to order the list by IPs.
6. Count - Click it to order the IPs in the log by the number of how many times they have searched for banned search requests (ascending or descending).
7. Banned - If you need to ban some IP that looks suspicious for you, you can simply check the box next to needed IP.
8. Date - In this column you can see the date and time when this IP made last search request on your site.

You can also check the location of any IP. Just hover on needed IP and click Check IP location. You will be redirected to the site that defines IP location.

Search Terms Log

One more useful feature is Search terms log, where you can see and manage the statistics and activity with search requests. Navigate to Admin Dashboard → CM Search Console → Search terms log.

There is a table with all terms that users searched on your site.

Here you can do the following things:

1. Erase the log - Click it to clear the log.
2. Filter by dates - Filter search terms by date. Choose the period of time by setting start and end date, and then click the button Apply.
3. Search - Search for definite term in the log to see its statistics.
4. Filter Banned - Check this box and click Apply to filter search requests that you have banned.
5. Search Term - Click it to order the items in the log by terms (alphabetical).
6. Count - Click it to order the items in the log by the number of how many times it's been searched (ascending or descending).

You can also hover on any item and apply a few actions.

1. Search the term - If click on it you will be redirected to the front-end of your site to see what search results can be found for this term.
2. Remove - Remove this record from the log.

Two important columns are  Banned and Count. In the Count column you can see how many times was requested some term or phrase. If you think this request is suspicious you can create a Banned rule by simply checking the box in the relevant column in the line of needed term or phrase. This rule will appear in Banned Dashboard.

End Result

Following instructions found in the plugin and guides, you should be able to stop malicious IP's from slowing down your site with many search requests.

Use Case Front-End

Example of searching for banned term with displaying an error message:

Example of searching for banned term with redirecting the user to defined URL:

	More information about the WordPress Search Engine Plugin Other WordPress products can be found at CreativeMinds WordPress Store
	Let us know how we can Improve this Product Documentation Page To open a Support Ticket visit our support center