forked from zaclys/searxng
[mod] hardening SearXNG instances by default (formats)
Deny formats has been implemented in 6ed4616d
.
To harden SearXNG instances by default, other formats than HTML should be
denied. Most of JSON, RSS and CSV requests are bots [1]::
Bots are the only users of this feature on a public instance, and they abuse
it too much that the engines rate limit pretty quickly the IP address of the
instance.
[1] https://github.com/searxng/searxng/issues/95
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
This commit is contained in:
parent
e02b5469f0
commit
7b40c736e6
@ -27,7 +27,9 @@ search:
|
||||
# max ban time in seconds after engine errors
|
||||
max_ban_time_on_fail: 120
|
||||
# remove format to deny access, use lower case.
|
||||
formats: [html, csv, json, rss]
|
||||
# formats: [html, csv, json, rss]
|
||||
formats:
|
||||
- html
|
||||
|
||||
server:
|
||||
port: 8888
|
||||
|
Loading…
Reference in New Issue
Block a user