I am writing to suggest a new feature for the Defender Pro plugin. I believe this addition would significantly enhance its security capabilities and protect users from a specific type of resource-draining attack.
The Problem:
My WordPress site has been frequently targeted by a bot attack that spams the native WordPress search functionality. These bots execute a massive number of search queries in a short amount of time, using various keywords related to gambling sites.
This malicious activity causes a significant spike in my server’s CPU and RAM usage. As a result, the website becomes extremely slow and, in some cases, completely inaccessible to legitimate visitors.
The Suggestion:
I propose that you integrate Defender Pro’s Google reCAPTCHA v3 functionality to also cover the default WordPress search form.
Currently, reCAPTCHA can be applied to login, registration, and comments, but not to the search feature. By extending this protection to the search bar, Defender could silently verify if a search is being initiated by a human or a malicious bot. This would effectively block these search-bombing attacks before they can consume server resources.
I believe this feature would be a valuable addition for many Defender Pro users, as this form of bot attack is becoming increasingly common.
Thank you for your time and for creating such a great suite of plugins. I look forward to your consideration of this suggestion.
Best regards,
Telkom University
