diff options
| author | Markus Heiser <markus.heiser@darmarit.de> | 2023-06-01 16:00:49 +0200 |
|---|---|---|
| committer | Markus Heiser <markus.heiser@darmarit.de> | 2023-06-01 16:00:49 +0200 |
| commit | 80af38d37b21dc6e5edbf27bd22310db42a6f923 (patch) | |
| tree | ef94acf0f689052d2b98c50095283d0cdfbf6a8f /searx/botdetection | |
| parent | 281e36f4b7848374535d5e953050ae73423191ca (diff) | |
| download | searxng-80af38d37b21dc6e5edbf27bd22310db42a6f923.tar.gz searxng-80af38d37b21dc6e5edbf27bd22310db42a6f923.zip | |
[mod] increase SUSPICIOUS_IP_WINDOW from one day to 30 days
In my tests I see bots rotating IPs (with endless IP lists). If such a bot has
100 IPs and has three attempts (SUSPICIOUS_IP_MAX = 3) then it can successfully
send up to 300 requests in one day while rotating the IP. To block the bots for
a longer period of time the SUSPICIOUS_IP_WINDOW, as the time period in which an
IP is observed, must be increased.
For normal WEB-browsers this is no problem, because the SUSPICIOUS_IP_WINDOW is
deleted as soon as the CSS with the token is loaded.
SUSPICIOUS_IP_WINDOW = 3600 * 24 * 30
Time (sec) before sliding window for one suspicious IP expires.
SUSPICIOUS_IP_MAX = 3
Maximum requests from one suspicious IP in the :py:obj:`SUSPICIOUS_IP_WINDOW`."""
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
Diffstat (limited to 'searx/botdetection')
| -rw-r--r-- | searx/botdetection/ip_limit.py | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/searx/botdetection/ip_limit.py b/searx/botdetection/ip_limit.py index 46e026371..bb4229f0e 100644 --- a/searx/botdetection/ip_limit.py +++ b/searx/botdetection/ip_limit.py @@ -82,7 +82,7 @@ API_WONDOW = 3600 API_MAX = 4 """Maximum requests from one IP in the :py:obj:`API_WONDOW`""" -SUSPICIOUS_IP_WINDOW = 3600 * 24 +SUSPICIOUS_IP_WINDOW = 3600 * 24 * 30 """Time (sec) before sliding window for one suspicious IP expires.""" SUSPICIOUS_IP_MAX = 3 |