From f3763d73ad8cf93ea32d7e12713662f7963d950f Mon Sep 17 00:00:00 2001 From: Markus Heiser Date: Sat, 3 Jun 2023 13:43:34 +0200 Subject: [mod] limiter: blocklist and passlist (ip_lists) A blocklist and a passlist can be configured in /etc/searxng/limiter.toml:: [botdetection.ip_lists] pass_ip = [ '51.15.252.168', # IPv4 of check.searx.space ] block_ip = [ '93.184.216.34', # IPv4 of example.org ] Closes: https://github.com/searxng/searxng/issues/2127 Closes: https://github.com/searxng/searxng/pull/2129 Signed-off-by: Markus Heiser --- searx/botdetection/limiter.toml | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) (limited to 'searx/botdetection/limiter.toml') diff --git a/searx/botdetection/limiter.toml b/searx/botdetection/limiter.toml index 71a231e8f..9560ec8f6 100644 --- a/searx/botdetection/limiter.toml +++ b/searx/botdetection/limiter.toml @@ -16,7 +16,25 @@ ipv6_prefix = 48 # (networks) are not monitored by the ip_limit filter_link_local = false -# acrivate link_token method in the ip_limit method +# activate link_token method in the ip_limit method link_token = false +[botdetection.ip_lists] +# In the limiter, the ip_lists method has priority over all other methods -> if +# an IP is in the pass_ip list, it has unrestricted access and it is also not +# checked if e.g. the "user agent" suggests a bot (e.g. curl). + +block_ip = [ + # '93.184.216.34', # IPv4 of example.org + # '257.1.1.1', # invalid IP --> will be ignored, logged in ERROR class +] + +pass_ip = [ + # '192.168.0.0/16', # IPv4 private network + # 'fe80::/10' # IPv6 linklocal / wins over botdetection.ip_limit.filter_link_local +] + +# Activate passlist of (hardcoded) IPs from the SearXNG organization, +# e.g. `check.searx.space`. +pass_searxng_org = true \ No newline at end of file -- cgit v1.2.3