forked from Ponysearch/Ponysearch
fd814aac86
This patch was inspired by the discussion around PR-2882 [2]. The goals of this patch are: 1. Convert plugin searx.plugin.limiter to normal code [1] 2. isolation of botdetection from the limiter [2] 3. searx/{tools => botdetection}/config.py and drop searx.tools 4. in URL /config, 'limiter.enabled' is true only if the limiter is really enabled (Redis is available). This patch moves all the code that belongs to botdetection into namespace searx.botdetection and code that belongs to limiter is placed in namespace searx.limiter. Tthe limiter used to be a plugin at some point botdetection was added, it was not a plugin. The modularization of these two components was long overdue. With the clear modularization, the documentation could then also be organized according to the architecture. [1] https://github.com/searxng/searxng/pull/2882 [2] https://github.com/searxng/searxng/pull/2882#issuecomment-1741716891 To test: - check the app works without the limiter, check `/config` - check the app works with the limiter and with the token, check `/config` - make docs.live .. and read - http://0.0.0.0:8000/admin/searx.limiter.html - http://0.0.0.0:8000/src/searx.botdetection.html#botdetection Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
40 lines
No EOL
1.1 KiB
TOML
40 lines
No EOL
1.1 KiB
TOML
[real_ip]
|
|
|
|
# Number of values to trust for X-Forwarded-For.
|
|
|
|
x_for = 1
|
|
|
|
# The prefix defines the number of leading bits in an address that are compared
|
|
# to determine whether or not an address is part of a (client) network.
|
|
|
|
ipv4_prefix = 32
|
|
ipv6_prefix = 48
|
|
|
|
[botdetection.ip_limit]
|
|
|
|
# To get unlimited access in a local network, by default link-lokal addresses
|
|
# (networks) are not monitored by the ip_limit
|
|
filter_link_local = false
|
|
|
|
# activate link_token method in the ip_limit method
|
|
link_token = false
|
|
|
|
[botdetection.ip_lists]
|
|
|
|
# In the limiter, the ip_lists method has priority over all other methods -> if
|
|
# an IP is in the pass_ip list, it has unrestricted access and it is also not
|
|
# checked if e.g. the "user agent" suggests a bot (e.g. curl).
|
|
|
|
block_ip = [
|
|
# '93.184.216.34', # IPv4 of example.org
|
|
# '257.1.1.1', # invalid IP --> will be ignored, logged in ERROR class
|
|
]
|
|
|
|
pass_ip = [
|
|
# '192.168.0.0/16', # IPv4 private network
|
|
# 'fe80::/10' # IPv6 linklocal / wins over botdetection.ip_limit.filter_link_local
|
|
]
|
|
|
|
# Activate passlist of (hardcoded) IPs from the SearXNG organization,
|
|
# e.g. `check.searx.space`.
|
|
pass_searxng_org = true |