Welcome to the Question2Answer Q&A. There's also a demo if you just want to try it out.
+9 votes
1.1k views
in Q2A Core by
As many hackers are making large number of search queries on my website and the search results are successfully indexed in google search console, I need to disable search function.

I have blocked all ip ranges as well as remove search button from the website, but it is still happening by hackers.

Please help.
Q2A version: 1.8.6
by
+1
What are you even talking about? Why (and how) would Google index search queries someone else sends to your site? And since your search box should only produce results from your site, why would it matter even if that happened? Also, did you put the search URL into your robots.txt to tell Google that it should not index those paths?
by
Thanks for your comments. The following has been taken from the director-of-log-files of the website. I see thousands of these search queries made on my website and these become part of Google search Counsel where these are indexed, I keep on blocking ip addresses but new addresses are used to attack my website. I would require your guidance:

2023-04-09    00:00:01    165.231.97.216    no_userid    no_handle    no_cookieid    search    query=谷歌搜索留痕推广,google留痕代发【电报:@trace88】㊙️24小时...    start=0
2023-04-09    00:18:51    185.104.219.144    no_userid    no_handle    no_cookieid    search    query=【聊天记录同步⏭⏭⏭⏭查询微信8955*960*27】接收别人的微信聊天记录...    start=0
2023-04-09    00:19:03    165.231.97.216    no_userid    no_handle    no_cookieid    search    query=瑞士国家队55号(⏩卡塔尔世界杯官方指定bet365备用网址:bet967....    start=0
2023-04-09    01:52:59    196.240.143.149    no_userid    no_handle    no_cookieid    search    query=瑞士国家队55号(⏩卡塔尔世界杯官方指定bet365备用网址:bet967....    start=0
2023-04-09    01:53:10    196.196.198.204    no_userid    no_handle    no_cookieid    search    query=北京试管婴儿最好的医院-(微信38332747)-加拿大一代试管一般多少钱-...    start=0
2023-04-09    01:53:22    165.231.37.130    no_userid    no_handle    no_cookieid    search    query=婚姻信息代查-⏭查询微信78106772⏮-查开宾馆记录-案底记录公安系统查...    start=0
2023-04-09    02:08:50    220.181.108.167    no_userid    no_handle    no_cookieid    search    query=Hula ni Zhou Yi ang Champion ng Qatar ...    start=0
2023-04-09    02:43:55    170.83.179.209    no_userid    no_handle    no_cookieid    search    query=全球通signal平台接码-(⏩唯一账号认准✔️全球通tg✔️@gotone...    start=0
2023-04-09    02:43:58    165.231.97.216    no_userid    no_handle    no_cookieid    search    query=香港亚博block【网址:ag178·cc】亚洲第一.yfu    start=0
2023-04-09    02:44:09    196.242.10.30    no_userid    no_handle    no_cookieid    search    query=3199彩集团购票大厅-⏩⚽️官网tb888.online⏪-好彩彩票手机版...    start=0
2023-04-09    02:44:22    196.242.178.4    no_userid    no_handle    no_cookieid    search    query=pc加拿大28预测55【网址:ag178·cc】亚洲第一.qez    start=0
2023-04-09    03:22:09    5.157.61.151    no_userid    no_handle    no_cookieid    search    query=全球通signal平台接码-(⏩唯一账号认准✔️全球通tg✔️@gotone...    start=0
2023-04-09    03:22:21    170.83.176.229    no_userid    no_handle    no_cookieid    search    query=合肥酒店包夜【微信:cdcw218】快速安排.dak    start=0
2023-04-09    03:22:34    168.90.199.134    no_userid    no_handle    no_cookieid    search    query=谷歌搜索留痕推广,google留痕代发【电报:@trace88】㊙️24小时...    start=0
2023-04-09    03:22:43    196.240.254.93    no_userid    no_handle    no_cookieid    search    query=加拿大2019国家队球员名单(⏩卡塔尔世界杯官方指定bet365备用网址:b...    start=0
2023-04-09    03:22:56    196.242.178.4    no_userid    no_handle    no_cookieid    search    query=【聊天记录同步⏭⏭⏭⏭查询微信8955*960*27】如何将微信号上的聊天记...    start=0
2023-04-09    03:23:06    109.230.218.164    no_userid    no_handle    no_cookieid    search    query=54张牛牛【网址:ag178·cc】亚洲第一.tkw
by
Also, did you put the search URL into your robots.txt to tell Google that it should not index those paths?

I added as Disallow:/search?q=
Is the above right? kindly guide me this as well.
by
What you need to add in robots.txt depends on what URL structure you configured (under "Admin -> General"). If you're using the topmost one, "Disallow: /search" should be fine.

As for your other comment: what is a "director-of-log-files"? Do you mean logfile directory? And I still don't see what makes you believe these queries would become indexed by Google. What evidence do you have that this is happening?

Also, do you perhaps have the OpenSearch plugin enabled (under "Admin -> Plugins")?
by
Thanks for your comment and guidance. I have selected topmost one in URL structure, so as you suggested "disallow/:search" has been added.

"Directory-of-log-file " folder is a part of q2a script where all searches or events are logged. I found the above searches there in as well. I got to know and believe that these searches are being indexed, by oberving in the google search console account wherein I have check which files are indexed after submission. There I found that thousands of search files are automatically submitted. I also checked that there is no other account in google search console except that of mine. So, this made me believe that queries are indexed in google as well.

1 Answer

0 votes
by

You seem to have configured the Event Logger plugin to log to daily log files. Did you perhaps put the log directory somewhere in your Q2A directory? Please change that. The log directory must be writable for the webserver, but it should not be in a location that the webserver publishes to the internet.

The details of where to put a log directory depend on what kind of hosting you have. On a Linux root server the proper location would be /var/log (e.g. /var/log/q2a, or a subfolder of your webserver log directory).

...