PassMark Logo
Home » Forum

Announcement

Collapse
No announcement yet.

managing searchwords.log

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • managing searchwords.log

    Hi--

    Our site gets hit pretty hard with bots and I'm wondering if there's a way to manage how some search terms are treated. That is, I'd like to redirect people using certain search terms to a different page or just use a PHP die() command on those instead of them filling up our log files with their garbage.

    Is this possible?

    Thank you!

  • #2
    It is not a function or behavior configurable in Zoom.

    The easiest way to combat this may be to write some JavaScript on your search page to filter the search terms before they are sent to be processed.

    Comment


    • #3
      Originally posted by Richard View Post
      It is not a function or behavior configurable in Zoom.

      The easiest way to combat this may be to write some JavaScript on your search page to filter the search terms before they are sent to be processed.
      I thought that was the case. To be clear, you're talking about adding the JS to the page with code that requires the search.php file, correct?

      Comment


      • #4
        Javascript might or might not work. It depends on the bot and if they have already recorded the URL to the search.php file. i.e. they might by pass the Javascript. Certainly it should stop new bots however.

        Another possibility is to use URL rewriting in Apache (assuming you are using Apache).
        Or if the bots are just coming from a few IP addresses, just ban the IP addresses.

        Comment


        • #5
          I actually added some PHP to the top of the page and it's been working fine....except for one thing.

          I'm recently seeing something like this in the logs:


          ". . . . . . . . . . . . etc passwd"
          I'm guessing they're entering some PHP code and using the . as a concatenator, but all that's logged are dots.

          Any chance I can see exactly what they're entering?

          Also, we try not to ban IPs simply because if we do, they'll use another. This is a very public site and a favorite of bots and hacking attempts. No idea why since we don't have *any* personal information.

          Comment


          • #6
            Check your web server logs to see the exact HTTP request they are making. Zoom wouldn't be logging this as it's not relevant to the search query.
            --Ray
            Wrensoft Web Software
            Sydney, Australia
            Zoom Search Engine

            Comment

            Working...
            X