forked from zaclys/searxng
80af38d37b
In my tests I see bots rotating IPs (with endless IP lists). If such a bot has 100 IPs and has three attempts (SUSPICIOUS_IP_MAX = 3) then it can successfully send up to 300 requests in one day while rotating the IP. To block the bots for a longer period of time the SUSPICIOUS_IP_WINDOW, as the time period in which an IP is observed, must be increased. For normal WEB-browsers this is no problem, because the SUSPICIOUS_IP_WINDOW is deleted as soon as the CSS with the token is loaded. SUSPICIOUS_IP_WINDOW = 3600 * 24 * 30 Time (sec) before sliding window for one suspicious IP expires. SUSPICIOUS_IP_MAX = 3 Maximum requests from one suspicious IP in the :py:obj:`SUSPICIOUS_IP_WINDOW`.""" Signed-off-by: Markus Heiser <markus.heiser@darmarit.de> |
||
---|---|---|
.. | ||
__init__.py | ||
_helpers.py | ||
http_accept_encoding.py | ||
http_accept_language.py | ||
http_accept.py | ||
http_connection.py | ||
http_user_agent.py | ||
ip_limit.py | ||
limiter.py | ||
limiter.toml | ||
link_token.py |