Search Attack

Hi all,

 

I seem to be getting around 5 recurring search terms on my website, but whoever is doing it is searching around 1,000 times and the results show nothing. I am worried this is some sort of search attack. How can I prevent this?

11 REPLIES

Re: Search Attack

Yes, likely a bot or script either scraping content or probing for vulnerabilities (or just being a nuisance). Take a look at your raw web access log, grep for the terms, collect the IPs, and block either in .htaccess or at the firewall level.

 

Your web host should be able to help with this, as it's standard stuff for any Magento based host.

Re: Search Attack

I agree with @robfico that you can try looking into your logs (Awstats, Webalizer, Raw Access Log, etc) to identify IP addresses that are causing the problems (rogue bots usually attack from a few IPs only) and block them out from your website. 

 

Depending on your hosting control panel, you can either block them out with an IP Deny Manager or you may need to go the manual way by adding the following to your .htaccess file:-

Order Deny,Allow
Deny from 1.1.1.1
Deny from 2.2.2.2
Deny from 3.3.3.3

 

James Lee | Moderator • Magento Master

Re: Search Attack

You can also see if the bots are using a specific "User Agent String" that you can block using a method similar to @JLHC's.

This website goes into a bit more detail about blocking based on the UA:

http://www.thesitewizard.com/apache/block-bots-with-htaccess.shtml

 

If you want to download a copy of your raw access log from your hosting and put it on, say, Dropbox as a zip file, I'd be happy to take a quick look for you and suggest some possible filtering.
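The log triage suggested in the replies above, as an added example that is not part of any poster's reply: it counts search requests per IP, per decoded term and per User-Agent, then prints `Deny from` lines in the syntax quoted above. It assumes Apache's combined log format and Magento's `/catalogsearch/result/?q=` search URL; the log lines, IPs, agent names and threshold are constructed.

```python
import re
from collections import Counter, defaultdict
from urllib.parse import urlsplit, parse_qs

# Assumption: Apache "combined" log format; adjust the pattern for other formats.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST|HEAD) (?P<url>\S+)[^"]*" '
    r'\d{3} \S+ "[^"]*" "(?P<ua>[^"]*)"')
SEARCH_PATH = "/catalogsearch/result"  # assumption: Magento's default search URL

def summarize(lines):
    """Count search requests per IP and per term; record User-Agents per IP."""
    by_ip, by_term, ua_by_ip = Counter(), Counter(), defaultdict(Counter)
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not a combined-format request line
        url = urlsplit(m["url"])
        if not url.path.startswith(SEARCH_PATH):
            continue
        # Decode "+" and %XX so differently encoded repeats count as one term.
        term = parse_qs(url.query).get("q", [""])[0].strip().lower()
        by_ip[m["ip"]] += 1
        by_term[term] += 1
        ua_by_ip[m["ip"]][m["ua"]] += 1
    return by_ip, by_term, ua_by_ip

def deny_lines(by_ip, threshold):
    """Return .htaccess lines for IPs with at least `threshold` search hits."""
    noisy = [ip for ip, n in by_ip.most_common() if n >= threshold]
    return (["Order Deny,Allow"] + [f"Deny from {ip}" for ip in noisy]) if noisy else []

def _line(ip, path, ua):
    return (f'{ip} - - [10/Oct/2015:13:55:36 +0000] "GET {path} HTTP/1.1" '
            f'200 5120 "-" "{ua}"')

# Constructed sample log: documentation IPs, made-up terms and agents.
SAMPLE = (
    [_line("203.0.113.7", "/catalogsearch/result/?q=cheap+watches", "ExampleBot/1.0")] * 4
    + [_line("203.0.113.7", "/catalogsearch/result/?q=Cheap%20Watches", "ExampleBot/1.0")]
    + [_line("198.51.100.23", "/catalogsearch/result/?q=red+dress", "Mozilla/5.0")]
    + [_line("198.51.100.23", "/checkout/cart/", "Mozilla/5.0")])

if __name__ == "__main__":
    by_ip, by_term, ua_by_ip = summarize(SAMPLE)
    print(by_term.most_common(5))
    print({ip: dict(uas) for ip, uas in ua_by_ip.items()})
    print("\n".join(deny_lines(by_ip, threshold=5)))
```

To run it on a real log, pass an open file to `summarize()` instead of `SAMPLE`. `Order`/`Deny from` is Apache 2.2 syntax; on Apache 2.4 it works only with mod_access_compat loaded.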

Re: Search Attack

Thanks guys, but do any of you know where I can find these log files on my server?

Re: Search Attack

It can vary from host to host. If you have a control panel let us know which one (cPanel and Plesk are the common ones) and then we might be able to point you in the right direction.

Else if you have server access have a look in the "/var/log" directory.

Re: Search Attack

Are you using any caching solution? If yes, then I think you should set up caching for search; then your problem should be solved.


Re: Search Attack

@davidclarkny2 how is that achieved? I just have the basic cache system at the moment.

Re: Search Attack

He's referring to if you have a Full Page Cache Solution like Lesti or another extension. You can set the cache to cache search results, so the hits will have much less impact on your site's performance.

 

Magento's built-in cache will not cache search results.

Re: Search Attack

I have installed FPC by Lesti, do you have a guide for that @robfico?