It won’t stop bots from search abuse, as they usually don’t use the actual form to make an ajax call. Almost all of them work from a command line or as a tool, and (pre-recorded) requests are made as a GET or POST command, with fake headers. They can repeat it a billion times if they want, without visiting your site. This is unpreventable and undetectable with a front-end script, as it’s not even executed.
Client site script limits only stop regular users (unfortunately they are not the ones abusing), it’s more of a cosmetic/usability issue – as it is very easy to lift these limits from the console, if an advanced user wants to be abusive.
The best thing to do is to have a firewall of some sort to filter abusive bot IPs. I can recommend cloudflare, so far in 5 years I have not experienced any kind of abuse whatsoever.
Best,Ernest Marcinko
If you like my products, don't forget to rate them on codecanyon :)
