One of the new features in the 1.4 release of ExpressionEngine is the ability to track search terms whenever someone uses the built-in search function. Being the sort of person who pays attention to the logs on his site out of pure curiosity I’ve been hitting the search log pretty heavily and even considered putting in some code to display the last several search results.
That is until I noticed a rather interesting trend over the past few weeks. Spammers are hitting the search function of EE with the links to their gambling and porn sites every so often. The times logged are spaced just far enough apart that it’s hard to tell if it’s an automated script or an actual person doing the searches, but with the growing trend of displaying recent searches on some blogs I wouldn’t be at all surprised if it were a script designed to get the URL in the search results table in case a particular site is displaying such data.
If it is a person then they’ve been very busy. IP address 188.8.131.52 out of Amsterdam stopped by several times today to search for various gambling URLs. It’s one of several IP addresses allocated to a “RIPE Network Coordination Centre” that has been hitting SEB pretty hard as of late. I suppose I should be grateful as this actually helps me to keep the blacklist up to date. Anything I don’t recognize as already being blacklisted gets added immediately just to make sure. At times I’m still amazed at the lengths these assholes will go to get their spam out onto as many blogs as they can.