From 66fdec0eb92bf11c0bc477d6fb1df3dc783e4dcb Mon Sep 17 00:00:00 2001 From: Markus Heiser Date: Fri, 26 May 2023 17:24:43 +0200 Subject: [mod] limiter: add config file /etc/searxng/limiter.toml Signed-off-by: Markus Heiser --- searx/botdetection/limiter.toml | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 searx/botdetection/limiter.toml (limited to 'searx/botdetection/limiter.toml') diff --git a/searx/botdetection/limiter.toml b/searx/botdetection/limiter.toml new file mode 100644 index 000000000..30cd1b53c --- /dev/null +++ b/searx/botdetection/limiter.toml @@ -0,0 +1,3 @@ +[botdetection.ip_limit] + +link_token = true \ No newline at end of file -- cgit v1.2.3 From 9d7456fd6c49fbd96f03f6a5dedd6ba05e924d0a Mon Sep 17 00:00:00 2001 From: Markus Heiser Date: Sat, 27 May 2023 18:58:06 +0200 Subject: [fix] limiter.toml: botdetection.ip_limit turn off link_token by default To activate the ``link_token`` method in the ``ip_limit`` method add the following to your ``/etc/searxng/limiter.toml``:: [botdetection.ip_limit] link_token = true Related: https://github.com/searxng/searxng/pull/2357#issuecomment-1554116941 Signed-off-by: Markus Heiser --- searx/botdetection/limiter.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'searx/botdetection/limiter.toml') diff --git a/searx/botdetection/limiter.toml b/searx/botdetection/limiter.toml index 30cd1b53c..28c4e7589 100644 --- a/searx/botdetection/limiter.toml +++ b/searx/botdetection/limiter.toml @@ -1,3 +1,3 @@ [botdetection.ip_limit] -link_token = true \ No newline at end of file +link_token = false \ No newline at end of file -- cgit v1.2.3 From 38431d2e142b7da6a9b48aad203f02a2eff7e6fd Mon Sep 17 00:00:00 2001 From: Markus Heiser Date: Mon, 29 May 2023 19:46:37 +0200 Subject: [fix] correct determination of the IP for the request For correct determination of the IP to the request the function botdetection.get_real_ip() is implemented. This fonction is used in the ip_limit and link_token method of the botdetection and it is used in the self_info plugin. A documentation about the X-Forwarded-For header has been added. [1] https://github.com/searxng/searxng/pull/2357#issuecomment-1566211059 Signed-off-by: Markus Heiser --- searx/botdetection/limiter.toml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'searx/botdetection/limiter.toml') diff --git a/searx/botdetection/limiter.toml b/searx/botdetection/limiter.toml index 28c4e7589..af797d32c 100644 --- a/searx/botdetection/limiter.toml +++ b/searx/botdetection/limiter.toml @@ -1,3 +1,8 @@ [botdetection.ip_limit] -link_token = false \ No newline at end of file +link_token = false + +[real_ip] + +# Number of values to trust for X-Forwarded-For. +x_for = 1 -- cgit v1.2.3 From 281e36f4b7848374535d5e953050ae73423191ca Mon Sep 17 00:00:00 2001 From: Markus Heiser Date: Thu, 1 Jun 2023 15:41:48 +0200 Subject: [fix] limiter: replace real_ip by IPv4/v6 network Closes: https://github.com/searxng/searxng/issues/2477 Signed-off-by: Markus Heiser --- searx/botdetection/limiter.toml | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) (limited to 'searx/botdetection/limiter.toml') diff --git a/searx/botdetection/limiter.toml b/searx/botdetection/limiter.toml index af797d32c..71a231e8f 100644 --- a/searx/botdetection/limiter.toml +++ b/searx/botdetection/limiter.toml @@ -1,8 +1,22 @@ +[real_ip] + +# Number of values to trust for X-Forwarded-For. + +x_for = 1 + +# The prefix defines the number of leading bits in an address that are compared +# to determine whether or not an address is part of a (client) network. + +ipv4_prefix = 32 +ipv6_prefix = 48 + [botdetection.ip_limit] +# To get unlimited access in a local network, by default link-lokal addresses +# (networks) are not monitored by the ip_limit +filter_link_local = false + +# acrivate link_token method in the ip_limit method link_token = false -[real_ip] -# Number of values to trust for X-Forwarded-For. -x_for = 1 -- cgit v1.2.3