Wordpress Search Plugin Ajax [ Full Version ]
For sites with >5,000 posts, indexed search is mandatory. Real-time will cause timeouts. 3. Database Impact (Benchmark Example) Tested on 50k posts, shared hosting (2GB RAM, 2 CPU):
– excellent relevance, but its AJAX is less polished than SearchWP’s (dropdown positioning issues on some themes). Implementation Tips (For Developers) If you must build your own lightweight AJAX search: // Step 1: Register REST endpoint add_action('rest_api_init', function() register_rest_route('mytheme/v1', '/search', [ 'methods' => 'GET', 'callback' => 'ajax_search_callback', 'permission_callback' => '__return_true' ]); ); // Step 2: Search logic (use WP_Query with s param) function ajax_search_callback($request) $s = sanitize_text_field($request->get_param('s')); if (strlen($s) < 3) return []; wordpress search plugin ajax
“Instant Search” by WP Engine (overpriced, buggy on non-Astra themes) and “Better Search” (no longer maintained). For sites with >5,000 posts, indexed search is mandatory
because they use WP_Query or $wpdb->prepare() . However, cheap plugins that build raw SQL are dangerous. Best Free AJAX Search Plugin Ivory Search (free version) – gives you AJAX live search + basic filters. No indexing, but fine for <2,000 posts. Database Impact (Benchmark Example) Tested on 50k posts,
| Risk | Example | Mitigation | |------|---------|-------------| | Heavy queries (DoS) | s=aaaaaaaa... (100 chars) | Limit query length to 50 chars | | SQL injection | s=' OR 1=1 | Parameterized queries (WP core does this) | | Data leakage | Searching draft posts | Check current_user_can('read_post') | | XSS | Result contains <script> | Escape output with esc_html() |
