mirror of https://github.com/searxng/searxng.git
[mod] hardening SearXNG instances by default (formats)
Deny formats has been implemented in 6ed4616d
.
To harden SearXNG instances by default, other formats than HTML should be
denied. Most of JSON, RSS and CSV requests are bots [1]::
Bots are the only users of this feature on a public instance, and they abuse
it too much that the engines rate limit pretty quickly the IP address of the
instance.
[1] https://github.com/searxng/searxng/issues/95
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
This commit is contained in:
parent
e02b5469f0
commit
7b40c736e6
|
@ -27,7 +27,9 @@ search:
|
||||||
# max ban time in seconds after engine errors
|
# max ban time in seconds after engine errors
|
||||||
max_ban_time_on_fail: 120
|
max_ban_time_on_fail: 120
|
||||||
# remove format to deny access, use lower case.
|
# remove format to deny access, use lower case.
|
||||||
formats: [html, csv, json, rss]
|
# formats: [html, csv, json, rss]
|
||||||
|
formats:
|
||||||
|
- html
|
||||||
|
|
||||||
server:
|
server:
|
||||||
port: 8888
|
port: 8888
|
||||||
|
|
Loading…
Reference in New Issue