{keyword} And (select 8148 From(select Count(),concat(0x7162717671,(select (elt(8148=8148,1))),0x7171627171,floor(rand(0)2))x From - Information_schema.character_sets Group By X)a)-- Qkgc

The attacker isn't trying to delete data yet; they are trying to "fingerprint" the database.

It looks like your query contains some SQL injection syntax ( SELECT COUNT , CONCAT , INFORMATION_SCHEMA ). If you're looking for an on how these types of database queries work—specifically regarding web security and SQL injection (SQLi) —I can certainly help with that. What is this code? The attacker isn't trying to delete data yet;

Only allow the types of characters you expect. If a user is searching for a "Keyword," they probably don't need to use parentheses or semicolons. never as executable code.

This is the gold standard. Instead of building a query string with user input, you use placeholders ( ? ). The database treats the input strictly as data, never as executable code. The attacker isn't trying to delete data yet;

{keyword} And (select 8148 From(select Count(*),concat(0x7162717671,(select (elt(8148=8148,1))),0x7171627171,floor(rand(0)*2))x From - Information_schema.character_sets Group By X)a)-- Qkgc

{keyword} And (select 8148 From(select Count(),concat(0x7162717671,(select (elt(8148=8148,1))),0x7171627171,floor(rand(0)2))x From - Information_schema.character_sets Group By X)a)-- Qkgc