You can block the spamming ips via htaccess.

order allow,deny
deny from *ipadress*
allow from all

Thanks - not a bad solution, but in this case the IPs vary. Or rather they vary by session. One Ip will spam me with 20 or 30 hits, then a bit later another one does, usually a related Ip. And so on.

A *possible* solution is to change the <input name="s" to summat else "foo" for instance.

Then in _basic.config.php you could do something like :

<?php
if( !empty( $_GET['s']  ) || !empty( $_POST['s'] ) )
{ // if you wanna be flash, send a 403 header ;)
  die( 'sod off and stop wasting my cpu :|' );
}
if( !empty( $_GET['foo'] ) )
{ // set get
  $_GET['s'] = $_GET['foo'];
}
if( !empty( $_POST['foo'] ) )
{ // set get
  $_POST['s'] = $_POST['foo'];
}
?>

ish ;)

¥

I'm gonna give that a try. Thanks ¥.