| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172 |
-
- <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
- "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-
- <html xmlns="http://www.w3.org/1999/xhtml">
- <head>
- <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
- <title>How to protect an instance — searx 0.12.0 documentation</title>
- <link rel="stylesheet" href="../_static/style.css" type="text/css" />
- <link rel="stylesheet" href="../_static/pygments.css" type="text/css" />
- <script type="text/javascript">
- var DOCUMENTATION_OPTIONS = {
- URL_ROOT: '../',
- VERSION: '0.12.0',
- COLLAPSE_INDEX: false,
- FILE_SUFFIX: '.html',
- HAS_SOURCE: true,
- SOURCELINK_SUFFIX: '.txt'
- };
- </script>
- <script type="text/javascript" src="../_static/jquery.js"></script>
- <script type="text/javascript" src="../_static/underscore.js"></script>
- <script type="text/javascript" src="../_static/doctools.js"></script>
- <link rel="index" title="Index" href="../genindex.html" />
- <link rel="search" title="Search" href="../search.html" />
- <link rel="next" title="How to setup result proxy" href="morty.html" />
- <link rel="prev" title="Administration API" href="api.html" />
-
-
- <link media="only screen and (max-device-width: 480px)" href="../_static/small_flask.css" type= "text/css" rel="stylesheet" />
- <meta name="viewport" content="width=device-width, initial-scale=0.9, maximum-scale=0.9">
-
- </head>
- <body>
-
- <div class="document">
- <div class="documentwrapper">
- <div class="bodywrapper">
- <div class="body" role="main">
-
- <div class="section" id="how-to-protect-an-instance">
- <h1>How to protect an instance<a class="headerlink" href="#how-to-protect-an-instance" title="Permalink to this headline">¶</a></h1>
- <p>Searx depens on external search services. To avoid the abuse of these services it is advised to limit the number of requests processed by searx.</p>
- <p>An application firewall, <code class="docutils literal"><span class="pre">filtron</span></code> solves exactly this problem. Information on how to install it can be found at the <a class="reference external" href="https://github.com/asciimoo/filtron">project page of filtron</a>.</p>
- <div class="section" id="sample-configuration-of-filtron">
- <h2>Sample configuration of filtron<a class="headerlink" href="#sample-configuration-of-filtron" title="Permalink to this headline">¶</a></h2>
- <p>An example configuration can be find below. This configuration limits the access of</p>
- <blockquote>
- <div><ul class="simple">
- <li>scripts or applications (roboagent limit)</li>
- <li>webcrawlers (botlimit)</li>
- <li>IPs which send too many requests (IP limit)</li>
- <li>too many json, csv, etc. requests (rss/json limit)</li>
- <li>the same UserAgent of if too many requests (useragent limit)</li>
- </ul>
- </div></blockquote>
- <div class="code json highlight-default"><div class="highlight"><pre><span></span><span class="p">[</span>
- <span class="p">{</span>
- <span class="s2">"name"</span><span class="p">:</span> <span class="s2">"search request"</span><span class="p">,</span>
- <span class="s2">"filters"</span><span class="p">:</span> <span class="p">[</span><span class="s2">"Param:q"</span><span class="p">,</span> <span class="s2">"Path=^(/|/search)$"</span><span class="p">],</span>
- <span class="s2">"interval"</span><span class="p">:</span> <span class="o"><</span><span class="n">time</span><span class="o">-</span><span class="n">interval</span><span class="o">-</span><span class="ow">in</span><span class="o">-</span><span class="n">sec</span><span class="o">></span><span class="p">,</span>
- <span class="s2">"limit"</span><span class="p">:</span> <span class="o"><</span><span class="nb">max</span><span class="o">-</span><span class="n">request</span><span class="o">-</span><span class="n">number</span><span class="o">-</span><span class="ow">in</span><span class="o">-</span><span class="n">interval</span><span class="o">></span><span class="p">,</span>
- <span class="s2">"subrules"</span><span class="p">:</span> <span class="p">[</span>
- <span class="p">{</span>
- <span class="s2">"name"</span><span class="p">:</span> <span class="s2">"roboagent limit"</span><span class="p">,</span>
- <span class="s2">"interval"</span><span class="p">:</span> <span class="o"><</span><span class="n">time</span><span class="o">-</span><span class="n">interval</span><span class="o">-</span><span class="ow">in</span><span class="o">-</span><span class="n">sec</span><span class="o">></span><span class="p">,</span>
- <span class="s2">"limit"</span><span class="p">:</span> <span class="o"><</span><span class="nb">max</span><span class="o">-</span><span class="n">request</span><span class="o">-</span><span class="n">number</span><span class="o">-</span><span class="ow">in</span><span class="o">-</span><span class="n">interval</span><span class="o">></span><span class="p">,</span>
- <span class="s2">"filters"</span><span class="p">:</span> <span class="p">[</span><span class="s2">"Header:User-Agent=(curl|cURL|Wget|python-requests|Scrapy|FeedFetcher|Go-http-client)"</span><span class="p">],</span>
- <span class="s2">"actions"</span><span class="p">:</span> <span class="p">[</span>
- <span class="p">{</span><span class="s2">"name"</span><span class="p">:</span> <span class="s2">"block"</span><span class="p">,</span>
- <span class="s2">"params"</span><span class="p">:</span> <span class="p">{</span><span class="s2">"message"</span><span class="p">:</span> <span class="s2">"Rate limit exceeded"</span><span class="p">}}</span>
- <span class="p">]</span>
- <span class="p">},</span>
- <span class="p">{</span>
- <span class="s2">"name"</span><span class="p">:</span> <span class="s2">"botlimit"</span><span class="p">,</span>
- <span class="s2">"limit"</span><span class="p">:</span> <span class="mi">0</span><span class="p">,</span>
- <span class="s2">"stop"</span><span class="p">:</span> <span class="n">true</span><span class="p">,</span>
- <span class="s2">"filters"</span><span class="p">:</span> <span class="p">[</span><span class="s2">"Header:User-Agent=(Googlebot|bingbot|Baiduspider|yacybot|YandexMobileBot|YandexBot|Yahoo! Slurp|MJ12bot|AhrefsBot|archive.org_bot|msnbot|MJ12bot|SeznamBot|linkdexbot|Netvibes|SMTBot|zgrab|James BOT)"</span><span class="p">],</span>
- <span class="s2">"actions"</span><span class="p">:</span> <span class="p">[</span>
- <span class="p">{</span><span class="s2">"name"</span><span class="p">:</span> <span class="s2">"block"</span><span class="p">,</span>
- <span class="s2">"params"</span><span class="p">:</span> <span class="p">{</span><span class="s2">"message"</span><span class="p">:</span> <span class="s2">"Rate limit exceeded"</span><span class="p">}}</span>
- <span class="p">]</span>
- <span class="p">},</span>
- <span class="p">{</span>
- <span class="s2">"name"</span><span class="p">:</span> <span class="s2">"IP limit"</span><span class="p">,</span>
- <span class="s2">"interval"</span><span class="p">:</span> <span class="o"><</span><span class="n">time</span><span class="o">-</span><span class="n">interval</span><span class="o">-</span><span class="ow">in</span><span class="o">-</span><span class="n">sec</span><span class="o">></span><span class="p">,</span>
- <span class="s2">"limit"</span><span class="p">:</span> <span class="o"><</span><span class="nb">max</span><span class="o">-</span><span class="n">request</span><span class="o">-</span><span class="n">number</span><span class="o">-</span><span class="ow">in</span><span class="o">-</span><span class="n">interval</span><span class="o">></span><span class="p">,</span>
- <span class="s2">"stop"</span><span class="p">:</span> <span class="n">true</span><span class="p">,</span>
- <span class="s2">"aggregations"</span><span class="p">:</span> <span class="p">[</span><span class="s2">"Header:X-Forwarded-For"</span><span class="p">],</span>
- <span class="s2">"actions"</span><span class="p">:</span> <span class="p">[</span>
- <span class="p">{</span><span class="s2">"name"</span><span class="p">:</span> <span class="s2">"block"</span><span class="p">,</span>
- <span class="s2">"params"</span><span class="p">:</span> <span class="p">{</span><span class="s2">"message"</span><span class="p">:</span> <span class="s2">"Rate limit exceeded"</span><span class="p">}}</span>
- <span class="p">]</span>
- <span class="p">},</span>
- <span class="p">{</span>
- <span class="s2">"name"</span><span class="p">:</span> <span class="s2">"rss/json limit"</span><span class="p">,</span>
- <span class="s2">"interval"</span><span class="p">:</span> <span class="o"><</span><span class="n">time</span><span class="o">-</span><span class="n">interval</span><span class="o">-</span><span class="ow">in</span><span class="o">-</span><span class="n">sec</span><span class="o">></span><span class="p">,</span>
- <span class="s2">"limit"</span><span class="p">:</span> <span class="o"><</span><span class="nb">max</span><span class="o">-</span><span class="n">request</span><span class="o">-</span><span class="n">number</span><span class="o">-</span><span class="ow">in</span><span class="o">-</span><span class="n">interval</span><span class="o">></span><span class="p">,</span>
- <span class="s2">"stop"</span><span class="p">:</span> <span class="n">true</span><span class="p">,</span>
- <span class="s2">"filters"</span><span class="p">:</span> <span class="p">[</span><span class="s2">"Param:format=(csv|json|rss)"</span><span class="p">],</span>
- <span class="s2">"actions"</span><span class="p">:</span> <span class="p">[</span>
- <span class="p">{</span><span class="s2">"name"</span><span class="p">:</span> <span class="s2">"block"</span><span class="p">,</span>
- <span class="s2">"params"</span><span class="p">:</span> <span class="p">{</span><span class="s2">"message"</span><span class="p">:</span> <span class="s2">"Rate limit exceeded"</span><span class="p">}}</span>
- <span class="p">]</span>
- <span class="p">},</span>
- <span class="p">{</span>
- <span class="s2">"name"</span><span class="p">:</span> <span class="s2">"useragent limit"</span><span class="p">,</span>
- <span class="s2">"interval"</span><span class="p">:</span> <span class="o"><</span><span class="n">time</span><span class="o">-</span><span class="n">interval</span><span class="o">-</span><span class="ow">in</span><span class="o">-</span><span class="n">sec</span><span class="o">></span><span class="p">,</span>
- <span class="s2">"limit"</span><span class="p">:</span> <span class="o"><</span><span class="nb">max</span><span class="o">-</span><span class="n">request</span><span class="o">-</span><span class="n">number</span><span class="o">-</span><span class="ow">in</span><span class="o">-</span><span class="n">interval</span><span class="o">></span><span class="p">,</span>
- <span class="s2">"aggregations"</span><span class="p">:</span> <span class="p">[</span><span class="s2">"Header:User-Agent"</span><span class="p">],</span>
- <span class="s2">"actions"</span><span class="p">:</span> <span class="p">[</span>
- <span class="p">{</span><span class="s2">"name"</span><span class="p">:</span> <span class="s2">"block"</span><span class="p">,</span>
- <span class="s2">"params"</span><span class="p">:</span> <span class="p">{</span><span class="s2">"message"</span><span class="p">:</span> <span class="s2">"Rate limit exceeded"</span><span class="p">}}</span>
- <span class="p">]</span>
- <span class="p">}</span>
- <span class="p">]</span>
- <span class="p">}</span>
- <span class="p">]</span>
- </pre></div>
- </div>
- </div>
- <div class="section" id="route-request-through-filtron">
- <h2>Route request through filtron<a class="headerlink" href="#route-request-through-filtron" title="Permalink to this headline">¶</a></h2>
- <p>Filtron can be started using the following command:</p>
- <div class="code bash highlight-default"><div class="highlight"><pre><span></span>$ filtron -rules rules.json
- </pre></div>
- </div>
- <p>It listens on 127.0.0.1:4004 and forwards filtered requests to 127.0.0.1:8888 by default.</p>
- <p>Use it along with <code class="docutils literal"><span class="pre">nginx</span></code> with the following example configuration.</p>
- <div class="code bash highlight-default"><div class="highlight"><pre><span></span>location / {
- proxy_set_header Host $http_host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Scheme $scheme;
- proxy_pass http://127.0.0.1:4004/;
- }
- </pre></div>
- </div>
- <p>Requests are coming from port 4004 going through filtron and then forwarded to port 8888 where a searx is being run.</p>
- </div>
- </div>
-
-
- </div>
- </div>
- </div>
- <div class="sphinxsidebar" role="navigation" aria-label="main navigation">
- <div class="sphinxsidebarwrapper"><div class="sidebar_container body">
- <h1>Searx</h1>
- <ul>
- <li><a href="../index.html">Home</a></li>
- <li><a href="https://github.com/asciimoo/searx">Source</a></li>
- <li><a href="../blog/blog.html">Blog</a></li>
- <li><a href="https://github.com/asciimoo/searx/wiki">Wiki</a></li>
- <li><a href="https://github.com/asciimoo/searx/wiki/Searx-instances">Public instances</a></li>
- </ul>
- <hr />
- <ul>
- <li><a href="https://twitter.com/Searx_engine">Twitter</a></li>
- <li><a href="https://flattr.com/submit/auto?user_id=asciimoo&url=https://github.com/asciimoo/searx&title=searx&language=&tags=github&category=software">Flattr</a></li>
- <li><a href="https://gratipay.com/searx">Gratipay</a></li>
- </ul>
- </div>
- </div>
- </div>
- <div class="clearer"></div>
- </div>
- <div class="footer">
- © Copyright 2015-2017, Adam Tauber.
- </div>
- </body>
- </html>
|
