Is it possible to restrict access (say to my IP) to searx?
jdaviescoates last edited by girish
Because the more people use it, the less it works:
Public instances listed here may yield less accurate results as they have much higher traffic and consequently have a higher chance of being blocked by search providers such as Google, Qwant, Bing, Startpage, etc. Hosting your own instance or using an instance that isn't listed here may give you a more consistent search experience.
I'm wondering if that's why Searx basically stopped working for me. I pretty much stopped using it then, but would like to do so again.
@jdaviescoates Currently, there is no way to IP restrict. Can you make a new feature request post? It's probably quite easy to add (just some nginx firewall rule, I assume).
FWIW, you can install it in a non-guessable subdomain If you use wildcard certificates, then the domain name is not logged anywhere in public either (i.e won't be in CT reports).
jdaviescoates last edited by
If you use wildcard certificates,
Just to check you mean not using (in my case) Gandi API but instead just do the wildcard A record, right?
then the domain name is not logged anywhere in public either (i.e won't be in CT reports).
What are CT reports?
(I do actually have one domain currently using a Wildcard so perhaps I'll move my instance to a non guessable sub-domain of that and see how I get on)
@jdaviescoates Correct, if you use Gandi API you are using wildcard certs and good.
When a cert is issued, most of the current certificate providers these days "log" the domain name as part of the https://en.wikipedia.org/wiki/Certificate_Transparency project. These reports can then be scanned later. For example, go to https://crt.sh/ and search for say
%google.com%. This gives various subdomains of google. When you use wildcard certs, only
*.domain.comis logged and thus the subdomain is hidden. So, if you install searx at
mysecretsearch.domain.com, there is no way for anyone to know the subdomain
mysecretsearchsince DNS has no subdomain search.