summaryrefslogtreecommitdiff
path: root/docs/admin/settings/settings_server.rst
AgeCommit message (Collapse)Author
2025-08-27[fix] typo in the docs about HTML method POST versus GETMarkus Heiser
2025-08-26[doc] fix missing link in ``default_http_headers`` descriptionMarkus Heiser
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de> Format: reST
2025-08-26[doc] adds the missing documentation of the `server.method` settings.Markus Heiser
TL;DR; For all the issues that comes with HTTP POST I recommend instance maintainers to switch to GET and lock the property in the preferences: ```yaml server: method: GET preferences: lock: - method ``` We don't want this in the defaults of the SearXNG distributions for the pros vs cons listed in this discussion: - https://github.com/searxng/searxng/pull/3619
2025-07-09[mod] migrate from Redis to Valkey (#4795)Gaspard d'Hautefeuille
This patch migrates from `redis==5.2.1` [1] to `valkey==6.1.0` [2]. The migration to valkey is necessary because the company behind Redis has decided to abandon the open source license. After experiencing a drop in user numbers, they now want to run it under a dual license again. But this move demonstrates once again how unreliable the company is and how it treats open source developers. To review first, read the docs:: $ make docs.live Follow the instructions to remove redis: - http://0.0.0.0:8000/admin/settings/settings_redis.html Config and install a local valkey DB: - http://0.0.0.0:8000/admin/settings/settings_valkey.html [1] https://pypi.org/project/redis/ [2] https://pypi.org/project/valkey/ Co-authored-by: HLFH <gaspard@dhautefeuille.eu> Co-authored-by: Markus Heiser <markus.heiser@darmarit.de>
2025-05-03[mod] ExpireCache - sqlite based key/value cache with expire timeMarkus Heiser
2025-04-23[mod] include SEARXNG_METHOD environment variableAadniz
2025-04-16[fix] doc of setting server.base_url, env is SEARXNG_BASE_URLMarkus Heiser
Related: - https://github.com/searxng/searxng/issues/4634 Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
2024-06-14[feat] docker: add env vars for common public instance settingsholysoles
2024-01-31[mod] remove X-XSS-Protection headersMarkus Heiser
Deprecated header not used by browsers nowadays[1]: """In modern browsers, X-XSS-Protection has been deprecated in favor of the Content-Security-Policy to disable the use of inline JavaScript. Its use can introduce XSS vulnerabilities in otherwise safe websites. This should not be used unless you need to support older web browsers that don’t yet support CSP. It is thus recommended to set the header as X-XSS-Protection: 0."""[2] [1] https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection [2] https://infosec.mozilla.org/guidelines/web_security#x-xss-protection Closes: https://github.com/searxng/searxng/issues/3171 Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
2024-01-09[mod] get rid of ./utils/brand.env and its workflowMarkus Heiser
All the environments defined in ./utils/brand.env are generated on the fly, so there is no longer a need to define the brand environment in this file and all the workflows to handle this file. Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
2023-11-01[mod] document server:public_instance & remove it out of the botdetectionMarkus Heiser
- the option server:public_instance lacks some documentation - the processing of this option belongs in the limiter and not in botdetection module Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
2023-11-01[mod] isolation of botdetection from the limiterMarkus Heiser
This patch was inspired by the discussion around PR-2882 [2]. The goals of this patch are: 1. Convert plugin searx.plugin.limiter to normal code [1] 2. isolation of botdetection from the limiter [2] 3. searx/{tools => botdetection}/config.py and drop searx.tools 4. in URL /config, 'limiter.enabled' is true only if the limiter is really enabled (Redis is available). This patch moves all the code that belongs to botdetection into namespace searx.botdetection and code that belongs to limiter is placed in namespace searx.limiter. Tthe limiter used to be a plugin at some point botdetection was added, it was not a plugin. The modularization of these two components was long overdue. With the clear modularization, the documentation could then also be organized according to the architecture. [1] https://github.com/searxng/searxng/pull/2882 [2] https://github.com/searxng/searxng/pull/2882#issuecomment-1741716891 To test: - check the app works without the limiter, check `/config` - check the app works with the limiter and with the token, check `/config` - make docs.live .. and read - http://0.0.0.0:8000/admin/searx.limiter.html - http://0.0.0.0:8000/src/searx.botdetection.html#botdetection Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
2023-07-01[doc] rearranges Settings & Engines docs for better readabilityMarkus Heiser
We have built up detailed documentation of the *settings* and the *engines* over the past few years. However, this documentation was still spread over various chapters and was difficult to navigate in its entirety. This patch rearranges the Settings & Engines documentation for better readability. To review new ordered docs:: make docs.clean docs.live Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
generated by cgit v1.2.3 (git 2.25.1) at 2026-03-04 00:27:37 +0000