[jnears]

2 weeks, 5 days ago #54055

Hi
We are being hit repeatedly by wildcard searches which is returning all of our indexed content. This in turn is slowing our site and getting close to hitting the limit of our monthly opensolr bandwidth.

When i check the opensolr dashboard we have huge numbers of queries for (“*” OR (*)).

We have recently been hit by numerous SQL injection attacks so I’m assuming this is all originating from the same source.

FYI ‘Use partial keyword matches in results’ is NOT checked in the wpsolr dashboard.

Is there a way to safely block wildcard searches?

Is there anything else I can do to help mitigate this?

Thanks

[wpsolr]

2 weeks, 5 days ago #54056

We are being hit repeatedly by wildcard searches which is returning all of our indexed content.

A bot is probably crawling all your archive pages, search included.

[jnears]

2 weeks, 5 days ago #54057

So is there a way to prevent bots from doing searches? I guess we need to prevent these via firewall? Not something that wpsolr module can assist with?

There are 355,394 hits (“*” OR (*)) in last three days – this seems to be more than a bot?

• This reply was modified 2 weeks, 5 days ago by jnears.
• This reply was modified 2 weeks, 5 days ago by jnears.
• This reply was modified 2 weeks, 5 days ago by jnears.

[wpsolr]

2 weeks, 5 days ago #54061

If this is a bot, it should be identified with your firewall.

The problem also arises for individual crawled pages that consume all resources like RAM, CPU, MySQL, etc. This must be managed with external CDNs and firewalls.