summaryrefslogtreecommitdiff
path: root/utils/templates/etc/nginx/default.apps-available
AgeCommit message (Collapse)Author
2025-08-10[fix] replace X-Scheme by X-Forwarded-Proto header (#5107)Markus Heiser
The HTTP X-Forwarded-Proto (XFP) request header is a *de-facto* standard header for identifying the protocol (HTTP or HTTPS) that a client used to connect to a proxy or load balancer.[1] The ``X-Scheme`` header was added 10 years ago, why ``X-Scheme`` was used back then and not ``X-Forwarded-Proto``, nobody knows today / possibly because ``X-Forwarded-Proto`` wasn't a *de-facto* standard back then. [1] https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/X-Forwarded-Proto [2] https://github.com/searx/searx/commit/6ef7c3276
2025-07-11[mod] remove option ui.static_use_hash (cache busting) (#5004)Markus Heiser
Cache busting has caused serious problems for users in the past, here are two examples: - https://github.com/searxng/searxng/issues/4419 - https://github.com/searxng/searxng/issues/4481 And it makes development and deployment significantly more complex because it binds the client side to the server side: - https://github.com/searxng/searxng/pull/4466 In the light of a decoupled development of the WEB clients from the server side: - https://github.com/searxng/searxng/pull/4988 is it appropriate to abandon this feature. In fact, it has been ineffective since #4436 anyway. However, the benefit has always been questionable, since at best only a few kB of data are saved (at least in the context of an image_proxy, the effect is below the detection limit). Ultimately, the client is responsible for caching. Related: https://github.com/searxng/searxng/issues?q=label%3A%22clear%20browser%20cache%22 Closes: https://github.com/searxng/searxng/pull/4466 Closes: https://github.com/searxng/searxng/issues/1326 Closes: https://github.com/searxng/searxng/issues/964 Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
2022-07-30[clean up] drop obsolete searx, filtron and morty install scriptsMarkus Heiser
Since ./utils/searxng.sh is implemented, the old installation procedures from filtron, morty and searx can be removed. For users who want to upgrade, the procedures for removing old installations have still been retained. Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
2022-07-30[utils/searxng.sh] implement new script to install SearXNGMarkus Heiser
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
2022-07-30[install scripts] rename SEARX_<name> variables to SEARXNG_<name>Markus Heiser
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
2021-10-30[brand] SearXNG - nginx & apache searxng.conf, uwsgi searxng.confMarkus Heiser
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
2021-10-30[brand] SearXNG - bash env SEARXNG_URLMarkus Heiser
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
2021-03-04Use $host in nginx morty.conf templateAlex Balgavy
2021-03-03Fix security vulnerabilities in suggested nginx configurationAlex Balgavy
The suggested configurations for nginx found in the documentation and templates lead to vulnerabilities allowing host spoofing [1] and path traversal [2], as reported by Gixy [3]. This commit fixes those issues. [1] https://github.com/yandex/gixy/blob/master/docs/en/plugins/hostspoofing.md [2] https://github.com/yandex/gixy/blob/master/docs/en/plugins/aliastraversal.md [3] https://github.com/yandex/gixy
2020-04-11nginx: normalize installation (docs and script)s over all distrosMarkus Heiser
This is the revision of the documentation about the varous nginx installation variants. It also implements the nginx installation scripts for morty and filtron. Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
generated by cgit v1.2.3 (git 2.25.1) at 2026-03-04 01:22:37 +0000