FiboSearch – Ajax Search for WooCommerce
The most popular WooCommerce product search plugin. It gives your users a well-designed advanced AJAX search bar with live search suggestions. By default, WooCommerce provides a very simple search solution, without live product search or even SKU search. FiboSearch (formerly Ajax Search for WooCommerce) provides advanced search with live suggestions. Who doesn’t love instant, as-you-type suggestions? In 2025, customers expect smart product search. Baymard Institute’s latest UX research reveals that search autocomplete, auto-suggest, or an instant search feature is now offered on 96% of major e-commerce sites. It’s a must-have feature for every online business that can’t afford to lose customers. Why? FiboSearch helps users save time and makes shopping easier. As a result, Fibo really boosts sales. Features ✅ Search by product title, long and short description ✅ Search by SKU ✅ Show product image in live search results ✅ Show product price in live search results ✅ Show product description in live search results ✅ Show SKU in live search results ✅ Mobile first – special mobile search mode for better UX ✅ Details panels with extended information – “add to cart” button with a quantity field and extended product data displayed on hovering over the live suggestion ✅ Easy implementation in your theme – embed the plugin using a shortcode, as a menu item or as a widget ✅ Terms search – search for product categories and tags ✅ Search history – the current search history is presented when the user clicked/taped on the search bar, but hasn’t yet typed the query. ✅ Limit displayed suggestions – the number is customizable ✅ The minimum number of characters required to display suggestions – the number is customizable ✅ Better ordering – a smart algorithm ensures that the displayed results are as accurate as possible ✅ Support for WooCommerce search results page – after typing enter, users get the same results as in FiboSearch bar ✅ Grouping instant search results by type – displaying e.g. first matching categories, then matching products ✅ Google Analytics support ✅ Multilingual support including WPML, Polylang and qTranslate-XT ✅ Personalization of search bar and autocomplete suggestions – labels, colors, preloader, image and more Try the PRO version FiboSearch also comes in a Pro version, with a modern, inverted index-based search engine. FiboSearch Pro works up to 10× faster than the Free version or other popular search solutions for WooCommerce. Upgrade to PRO and boost your sales! PRO features ✅ Ultra-fast search engine based on the inverted index – works very fast, even with 100,000+ products ✅ Fuzzy search – works even with minor typos ✅ Search in custom fields with dedicated support for ACF ✅ Search in attributes ✅ Search in categories. Supports category thumbnails. ✅ Search in tags ✅ Search in brands (We support WooCommerce Brands, Perfect Brands for WooCommerce, Brands for WooCommerce, YITH WooCommerce Brands). Supports brand thumbnails. ✅ Search by variation product SKU – also shows variable products in live search after typing in the exact matching SKU ✅ Search for posts – also shows matching posts in live search ✅ Search for pages – also shows matching posts in live search ✅ Synonyms ✅ Conditional exclusion of products ✅ TranslatePress compatible ✅ Professional and fast help with embedding or replacing the search bar in your theme ✅ and more… ✅ SEE ALL PRO FEATURES! Showcase See how it works for others: Showcase. Feedback Any suggestions or comments are welcome. Feel free to contact us via the contact form.
Top keywords
- search42×7.85%
- live11×2.06%
- product10×1.87%
- woocommerce9×1.68%
- live search8×1.50%
- results8×1.50%
- suggestions7×1.31%
- pro6×1.12%
- search results6×1.12%
- bar5×0.93%
- brands5×0.93%
- fibosearch5×0.93%
CAPI Suite
Stop paying $30–150/month for a GTM Server Container. Send Conversions API events to Meta, Pinterest, and TikTok directly from your WordPress server. No premium tier, no SaaS subscription. Three CAPI integrations in one install. Most plugins ship Meta only, or sell Pinterest and TikTok as paid add-ons. This one runs server-side dispatch to all three plus a bundled GTM template for GA4 + Google Ads (Enhanced Conversions, Conversion Linker, click-ID recovery for iOS Safari post-ITP). The same event_id flows browser-side and server-side so each platform deduplicates instead of double-counting. Aggressive bot filtering, no false-positives on real customers. Layered detection (behavioral signals + ~9,500-CIDR datacenter list + AI-crawler classification for GPTBot / PerplexityBot / ClaudeBot / Google-Extended / Bytespider / etc.) blocks Lighthouse audits, scrapers, and ad-fraud bots. Multi-layered customer bypass — Apple iCloud Private Relay whitelist, ad-click ID recognition (fbclid / gclid / ttclid), logged-in customers, prior-visit _fbp / _ga cookies, Cloudflare Bot Management validation — keeps real shoppers visible. Purchase events are never blocked; pre-Purchase events held by the filter are replayed on eventual checkout so Meta sees the complete funnel. Server-side CAPI to Meta, Pinterest, TikTok — every checkout & cart event, classic + block-based checkout, HPOS compatible. Per-platform retry isolates transient failures. GTM template for browser-side tags — GA4 + Meta Pixel + Pinterest Tag + TikTok Pixel + Google Ads (Enhanced Conversions enabled, Conversion Linker auto-attached). Event Log with By-IP view — paginated audit log, customer-protection badges prevent excluding real buyers, one-click exclude for confirmed bots, per-provider breakdown. GDPR / CCPA modes — honors CMP opt-out signals, strict server-side consent strips PII when consent is denied (browser↔CAPI dedup still works on event_id). Cache-safe — works with LiteSpeed, WP Rocket, Varnish, Cloudflare full-page cache. Click IDs captured into 1st-party cookies client-side; landing pages stay cacheable. WP Dashboard widget — queue health at a glance: backlog, oldest pending, last successful dispatch, datacenter exclusions today. If it helps your store, please leave a review — it genuinely helps other merchants find this plugin. External Services This plugin connects your website to external services to send event data. Service Used: Meta Conversion API (graph.facebook.com) Purpose: To send user interaction and e-commerce event data from your server to Meta’s servers for ad performance measurement, optimization, and audience building. Data Sent: Event details (product ID, price) and user parameters (IP address, user agent, hashed email/name/phone, Facebook cookies) are sent when a user performs a key action. Service Used: TikTok Events API (business-api.tiktok.com) Purpose: Same as Meta CAPI, providing server-side conversion tracking for TikTok Ads optimization and attribution. Data Sent: Event details (product ID, price, currency) and user parameters (IP address, user agent, hashed email/phone/external_id, ttp / ttclid cookies) are sent upon user action. Optional under the merchant’s TikTok credentials — the plugin only sends to TikTok if the credentials are configured. Service Used: Pinterest Conversions API (api.pinterest.com) Purpose: Same as the Meta CAPI, providing reliable tracking for ad performance and audience building on Pinterest. Data Sent: Event details and hashed user parameters are sent upon user action. Service Used: Google Tag Manager (googletagmanager.com) Purpose: To load a JavaScript container from Google’s servers that allows you to manage and deploy marketing and analytics tags. Data Sent: The plugin provides your GTM Container ID to Google to fetch the correct script. GTM itself may collect data based on how you configure your tags. Service Used: Cloud-provider IP range list — raw.githubusercontent.com/rezmoss/cloud-provider-ip-addresses Purpose: Used by the optional Datacenter IP filter to keep the bot blocklist current. Daily background fetch downloads CIDR ranges for AWS, Google Cloud, Azure, Cloudflare, DigitalOcean, Linode, Vultr, Oracle Cloud, and Fastly so events from those ranges can be filtered out before reaching Meta / Pinterest / TikTok. Data Sent: None. The plugin only downloads public IP-range manifests; no visitor data is sent to GitHub. License: Source repository is CC0-licensed. Service Used: Apple iCloud Private Relay egress IP list — same raw.githubusercontent.com/rezmoss/cloud-provider-ip-addresses source (folder apple_private_relay/) Purpose: Used by the optional Datacenter IP filter to whitelist real Apple visitors who exit through Apple’s relay infrastructure. Daily background fetch downloads the merged CIDR list so iOS Safari users on Private Relay aren’t mistaken for datacenter bots. Data Sent: None. The plugin only downloads the public manifest; no visitor data is sent. Shared hosting note. Some restrictive shared hosts block outbound HTTPS by default. If event delivery silently fails after install, ask your host to whitelist the following domains for outgoing connections: graph.facebook.com, business-api.tiktok.com, api.pinterest.com, and raw.githubusercontent.com (only needed if you keep “Auto-fetched” enabled on the Blocked Traffic tab — covers both the datacenter blocklist and the Apple Private Relay whitelist). Advanced Configuration Setup details for Consent Mode v2, the strict server-side consent mode (GDPR PII gating), CMP auto-block compatibility, and the WooCommerce Subscriptions integration. None of these are required for a basic CAPI setup — turn them on as your store needs them. Consent Mode v2 Setup (GDPR / EU Compliance) If you serve EU visitors, GA4 and Meta browser tags don’t fire when consent is denied — typically losing 20–50% of measured event volume. Google Consent Mode v2 recovers this: when consent is denied, GA4 / Meta tags switch to cookieless pings (anonymous beacons carrying event name, value, currency, timestamp but no client identifier). Google’s ML models the conversions from these pings and shows them mixed with observed ones in your reports. A single CMP integration repairs both GA4 and Meta attribution because the Meta Pixel template reads the same consent signals. How to enable. Popular CMP plugins (Cookiebot, CookieYes, Complianz, Iubenda, Termly, OneTrust) all have a native Consent Mode v2 toggle in their settings — find and enable it. The CMP then calls gtag('consent', 'default', {denied}) before GTM loads and gtag('consent', 'update', {granted}) after the visitor accepts. The bundled GTM template includes a paused “Consent Defaults (Pre-CMP)” tag. Enable it only if your CMP doesn’t set gtag('consent', 'default', ...) on its own (rare with modern CMPs). Strict server-side consent mode (PII gating for CAPI) Consent Mode v2 only controls browser tags. Server-side CAPI fires from PHP, never sees gtag('consent', ...) signals — so it transmits hashed PII regardless of cookie-banner choice. Fine outside the EU; a GDPR concern inside it. The Privacy & Consent (Server-side) section has a Strict server-side consent toggle (default OFF). When enabled and the visitor has denied marketing consent in your CMP, identifying PII (em, ph, fn, ln, address, fbp, fbc …) is stripped from the CAPI payload. The event still ships with event_id, value, currency, contents — Cookiebot, CookieYes, and Complianz cookies are read automatically; other CMPs supply state via the mcapi_marketing_consent_granted filter. Why this matters alongside Consent Mode v2. Denied-consent browser pixels switch to cookieless pings — modeled, not observed. With Strict server-side consent ON, your server-side CAPI ships alongside that ping carrying the same event_id. Meta dedupes by event_id and now has an observed server signal feeding the same conversion record the cookieless ping created — cleaner Event Match Quality than browser-only or naïve “send everything” CAPI, and GDPR-defensible because no identifying data leaves your server. Default OFF preserves match quality for existing non-EU setups. Recommended ON once Consent Mode v2 is configured in your CMP. CMP Auto-Blocking and the Plugin’s Inline Scripts CMPs with “auto-blocking” (Cookiebot, CookieYes, others) scan every tag on load and convert anything they suspect of tracking to type="text/plain" until consent. The plugin’s inline scripts only POST first-party events to your own REST endpoint — but a generic auto-blocker can’t tell. To avoid a silent break, every plugin-rendered inline script ships with opt-out attributes for Cookiebot (data-cookieconsent="ignore"), CookieYes (data-cookieyes="cookieyes-necessary"), and Complianz (data-cmplz-no-cookielaw="1"). For other CMPs (OneTrust, Quantcast, in-house), append your own attribute via the mcapi_inline_script_attrs filter. WooCommerce Subscriptions Integration By default, every WooCommerce Subscriptions auto-renewal sends a fresh Purchase to Meta CAPI — credited to the original acquisition ad. Reported ROAS keeps climbing month after month from the same conversion, polluting optimization signals. The plugin auto-detects WooCommerce Subscriptions and exposes: Subscription Renewal Behavior (radio): Default — renewals send as regular Purchase. Existing setups unchanged. Skip — renewals not sent. Cleanest ROAS hygiene; you forfeit Meta’s LTV signal from renewals. Tag — renewals still send Purchase but with custom_data.customer_status = "subscription_renewal" so you can filter them in Events Manager. Subscribe / SubscriptionRenewal events — Meta’s standard Subscribe for sign-ups + a SubscriptionRenewal custom event for renewals. Purchase stays clean, advertisers using LTV-bidding can opt into both. Tag every Purchase with customer_status (checkbox): adds custom_data.customer_status (new_customer / returning_customer / subscription_renewal) to every Purchase so Meta Advantage+ can bid acquisition vs. retention differently. Guest checkouts fall back to billing-email lookup. Disclaimer This plugin is an independent, community-driven implementation of server-side Conversions API protocols. It is not affiliated with, endorsed by, or sponsored by Meta Platforms, Inc., TikTok Ltd., Pinterest, Inc., Google LLC, Automattic Inc., or any other trademark holder referenced herein. “Meta”, “Facebook”, and the Meta Pixel are trademarks of Meta Platforms, Inc. “TikTok” is a trademark of TikTok Ltd. “Pinterest” is a trademark of Pinterest, Inc. “Google Tag Manager”, “Google Ads”, and “GA4” are trademarks of Google LLC. “WooCommerce” is a trademark of Automattic Inc. All trademark references are used solely for descriptive interoperability purposes — to indicate which platforms this plugin can transmit data to under the merchant’s own configured credentials. No user data is transmitted to any external service until the merchant explicitly configures their own platform credentials in the plugin settings. The plugin does not “phone home” or contact any developer-controlled server. The only outbound HTTP calls are: (1) merchant-configured CAPI endpoints, (2) the public CIDR manifests at raw.githubusercontent.com used by the optional Datacenter IP filter — no visitor data is sent in those manifest fetches.