searxngRebrandZaclys/docs/admin/installation-apache.rst

1.9 KiB

Install with apache

public HTTP servers

On public searx instances use an application firewall (filtron <filtron.sh>).

Contents

Add wsgi mod

Ubuntu / debian

sudo -H apt-get install libapache2-mod-uwsgi
sudo -H a2enmod uwsgi

Add this configuration in the file /etc/apache2/apache2.conf. To limit acces to your intranet replace Allow from all directive and replace 192.168.0.0/16 with your subnet IP/class.

Note that if your instance of searx is not at the root, you should change <Location /> by the location of your instance, like <Location /searx>:

# CustomLog /dev/null combined

<IfModule mod_uwsgi.c>

  <Location />

       Options FollowSymLinks Indexes
       SetHandler uwsgi-handler
       uWSGISocket /run/uwsgi/app/searx/socket

       Order deny,allow
       Deny from all
       # Allow from fd00::/8 192.168.0.0/16 fe80::/10 127.0.0.0/8 ::1
       Allow from all

  </Location>

</IfModule>

Enable apache mod_uwsgi and restart apache:

Ubuntu / debian

a2enmod uwsgi
sudo -H systemctl restart apache2

disable logs

For better privacy you can disable Apache logs. Go back to /etc/apache2/apache2.conf [example] <inranet apache site> and above <Location /> activate directive:

CustomLog /dev/null combined

Restart apache:

Ubuntu / debian

sudo -H systemctl restart apache2

Warning

You can only disable logs for the whole (virtual) server not for a specific path.