Summary: Search function abused by spammers
Created: 2007-05-24 05:25
OS: PHP 5.1.6
Description: This somewhat relates to http://www.pmwiki.org/wiki/PITS/00899 (nice URL). In my logs I have a lot of requests against eg "pmwiki.php/PmWiki/Search?q=%3DThis%2520is%2520a%2520cool%25&action=search" and this causes a lot of unnecessary load. I ended up with switching the search form to use "method=post" instead of nothing or "get", and I changed all "$_REQUEST['q']" and "$_GET['q']" to "$_POST['q']" in pagelist.php and this helped. The search box function is not affected by this, but I'm unsure about side effects.
Would be nice to have something in config.php that disallows the use of search URLs.