diff options
| author | Markus Heiser <markus.heiser@darmarit.de> | 2023-06-01 16:00:49 +0200 |
|---|---|---|
| committer | Markus Heiser <markus.heiser@darmarit.de> | 2023-06-01 16:00:49 +0200 |
| commit | 80af38d37b21dc6e5edbf27bd22310db42a6f923 (patch) | |
| tree | ef94acf0f689052d2b98c50095283d0cdfbf6a8f /requirements.txt | |
| parent | 281e36f4b7848374535d5e953050ae73423191ca (diff) | |
| download | searxng-80af38d37b21dc6e5edbf27bd22310db42a6f923.tar.gz searxng-80af38d37b21dc6e5edbf27bd22310db42a6f923.zip | |
[mod] increase SUSPICIOUS_IP_WINDOW from one day to 30 days
In my tests I see bots rotating IPs (with endless IP lists). If such a bot has
100 IPs and has three attempts (SUSPICIOUS_IP_MAX = 3) then it can successfully
send up to 300 requests in one day while rotating the IP. To block the bots for
a longer period of time the SUSPICIOUS_IP_WINDOW, as the time period in which an
IP is observed, must be increased.
For normal WEB-browsers this is no problem, because the SUSPICIOUS_IP_WINDOW is
deleted as soon as the CSS with the token is loaded.
SUSPICIOUS_IP_WINDOW = 3600 * 24 * 30
Time (sec) before sliding window for one suspicious IP expires.
SUSPICIOUS_IP_MAX = 3
Maximum requests from one suspicious IP in the :py:obj:`SUSPICIOUS_IP_WINDOW`."""
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
Diffstat (limited to 'requirements.txt')
0 files changed, 0 insertions, 0 deletions