searxng/searx/botdetection
Markus Heiser 80af38d37b [mod] increase SUSPICIOUS_IP_WINDOW from one day to 30 days
In my tests I see bots rotating IPs (with endless IP lists).  If such a bot has
100 IPs and has three attempts (SUSPICIOUS_IP_MAX = 3) then it can successfully
send up to 300 requests in one day while rotating the IP.  To block the bots for
a longer period of time the SUSPICIOUS_IP_WINDOW, as the time period in which an
IP is observed, must be increased.

For normal WEB-browsers this is no problem, because the SUSPICIOUS_IP_WINDOW is
deleted as soon as the CSS with the token is loaded.

SUSPICIOUS_IP_WINDOW = 3600 * 24 * 30
  Time (sec) before sliding window for one suspicious IP expires.

SUSPICIOUS_IP_MAX = 3
  Maximum requests from one suspicious IP in the :py:obj:`SUSPICIOUS_IP_WINDOW`."""

Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
2023-06-01 16:00:49 +02:00
..
__init__.py [fix] limiter: replace real_ip by IPv4/v6 network 2023-06-01 15:51:14 +02:00
_helpers.py [fix] limiter: replace real_ip by IPv4/v6 network 2023-06-01 15:51:14 +02:00
http_accept.py [fix] limiter: replace real_ip by IPv4/v6 network 2023-06-01 15:51:14 +02:00
http_accept_encoding.py [fix] limiter: replace real_ip by IPv4/v6 network 2023-06-01 15:51:14 +02:00
http_accept_language.py [fix] limiter: replace real_ip by IPv4/v6 network 2023-06-01 15:51:14 +02:00
http_connection.py [fix] limiter: replace real_ip by IPv4/v6 network 2023-06-01 15:51:14 +02:00
http_user_agent.py [fix] limiter: replace real_ip by IPv4/v6 network 2023-06-01 15:51:14 +02:00
ip_limit.py [mod] increase SUSPICIOUS_IP_WINDOW from one day to 30 days 2023-06-01 16:00:49 +02:00
limiter.py [fix] limiter: replace real_ip by IPv4/v6 network 2023-06-01 15:51:14 +02:00
limiter.toml [fix] limiter: replace real_ip by IPv4/v6 network 2023-06-01 15:51:14 +02:00
link_token.py [fix] limiter: replace real_ip by IPv4/v6 network 2023-06-01 15:51:14 +02:00