diff --git a/src/db/post.rs b/src/db/post.rs
index 379b6e6..8dfd198 100755
--- a/src/db/post.rs
+++ b/src/db/post.rs
@@ -284,7 +284,7 @@ impl Post {
 page: i64,
 ) -> Result, NekrochanError> {
 let posts = query_as(&format!(
- "SELECT * FROM posts_{} WHERE LOWER(content_nomarkup) LIKE LOWER($1) LIMIT $2 OFFSET $3",
+ "SELECT * FROM posts_{} WHERE LOWER(content_nomarkup) LIKE LOWER($1) ORDER BY created DESC LIMIT $2 OFFSET $3",
 board.id
 ))
 .bind(format!("%{query}%"))
@@ -302,7 +302,7 @@ impl Post {
 page: i64,
 ) -> Result, NekrochanError> {
 let posts =
- query_as("SELECT * FROM overboard WHERE LOWER(content_nomarkup) LIKE LOWER($1) LIMIT $2 OFFSET $3")
+ query_as("SELECT * FROM overboard WHERE LOWER(content_nomarkup) LIKE LOWER($1) ORDER BY created DESC LIMIT $2 OFFSET $3")
 .bind(format!("%{query}%"))
 .bind(GENERIC_PAGE_SIZE)
 .bind((page - 1) * GENERIC_PAGE_SIZE)
diff --git a/src/error.rs b/src/error.rs
index 6ec536d..97f4b5e 100755
--- a/src/error.rs
+++ b/src/error.rs
@@ -84,6 +84,8 @@ pub enum NekrochanError {
 PostNameFormatError,
 #[error("Příspěvek /{}/{} neexistuje.", .0, .1)]
 PostNotFound(String, i64),
+ #[error("Hledaný termín musí mít 1-256 znaků.")]
+ QueryFormatError,
 #[error("Vlákno dosáhlo limitu odpovědí.")]
 ReplyLimitError,
 #[error("Hlášení můsí mít 1-200 znaků.")]
@@ -255,6 +257,7 @@ impl ResponseError for NekrochanError {
 NekrochanError::PasswordFormatError => StatusCode::BAD_REQUEST,
 NekrochanError::PostNameFormatError => StatusCode::BAD_REQUEST,
 NekrochanError::PostNotFound(_, _) => StatusCode::NOT_FOUND,
+ NekrochanError::QueryFormatError => StatusCode::BAD_REQUEST,
 NekrochanError::ReplyLimitError => StatusCode::FORBIDDEN,
 NekrochanError::ReportFormatError => StatusCode::BAD_REQUEST,
 NekrochanError::RequiredCaptchaError => StatusCode::UNAUTHORIZED,
diff --git a/src/web/search.rs b/src/web/search.rs
index 720cf9f..10e1b25 100644
--- a/src/web/search.rs
+++ b/src/web/search.rs
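Review bot: The pattern bound in `.bind(format!("%{query}%"))` in the first post.rs hunk passes the search term through unescaped, so any `%` or `_` a user types is treated as a LIKE wildcard; the overboard hunk binds the same expression. With `ORDER BY created DESC` now in both statements, a term that matches most rows makes the database sort the whole match set before `LIMIT` applies, so the wildcards should be neutralised first, e.g. `let escaped = query.replace('\\', "\\\\").replace('%', "\\%").replace('_', "\\_");` and then `.bind(format!("%{escaped}%"))` (this assumes backslash is the backend's LIKE escape character, as it is by default in PostgreSQL). Separately, `posts_{}` is filled from `board.id` with `format!`, which is safe only if board ids are limited to a fixed character set when boards are created; that check is not visible here and deserves a comment such as `// board.id is validated at board creation, safe to interpolate as a table name`. Both function bodies start and end outside their hunks.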
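Review bot: The offset in `.bind((page - 1) * GENERIC_PAGE_SIZE)` in the overboard hunk is computed from `page` with no bound visible in this hunk, so a `page` of 0 or below gives a negative OFFSET and a very large value can overflow the `i64` multiplication. If the handler does not already clamp it, I would reject `page < 1` before the query and bind `(page - 1).saturating_mul(GENERIC_PAGE_SIZE)` instead. `ORDER BY created DESC` also leaves rows with equal `created` values in an unspecified order, so a unique tie-breaker column after it would keep consecutive pages from overlapping. The function starts and ends outside the hunk.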
@@ -65,6 +65,10 @@ pub async fn search( let query = query.query; + if query.is_empty() || query.len() > 256 { + return Err(NekrochanError::QueryFormatError); + } + let posts = if let Some(board) = &board_opt { Post::read_by_query(&ctx, board, query.clone(), page).await? } else { diff --git a/templates/base.html b/templates/base.html index 9209776..75b2019 100755 --- a/templates/base.html +++ b/templates/base.html @@ -9,14 +9,6 @@ - - - - - - - - {% block scripts %}{% endblock %}
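Review bot: `query.len() > 256` in the search.rs hunk counts UTF-8 bytes, while the new `QueryFormatError` message promises 1-256 characters (`znaků`), so a term with Czech diacritics can be rejected with fewer than 256 characters. `if query.trim().is_empty() || query.chars().count() > 256 {` would match the message and also reject a whitespace-only term, which currently passes `is_empty()` and turns into a pattern matching every post that contains a space. If the byte limit is intended, the message text should say so instead. The body of `search` continues outside the hunk.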
@@ -64,5 +56,12 @@
+ + + + + + + {% block scripts %}{% endblock %}