[fix] correct determination of the IP for the request

For correct determination of the IP to the request the function botdetection.get_real_ip() is implemented. This fonction is used in the ip_limit and link_token method of the botdetection and it is used in the self_info plugin. A documentation about the X-Forwarded-For header has been added. [1] https://github.com/searxng/searxng/pull/2357#issuecomment-1566211059 Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
2023-05-29 19:46:37 +02:00 · 2023-05-29 19:46:37 +02:00 · 38431d2e14
commit 38431d2e14
parent b8c7c2c9aa
6 changed files with 42 additions and 41 deletions
--- a/searx/botdetection/init.py
+++ b/searx/botdetection/init.py
@ -2,11 +2,25 @@
 # lint: pylint
 """.. _botdetection src:

-Bot detection methods
---------------------
+X-Forwarded-For
+===============

-The methods implemented in this python package are use by the :ref:`limiter src`.
+.. attention::
+
+   A correct setup of the HTTP request headers ``X-Forwarded-For`` and
+   ``X-Real-IP`` is essential to be able to assign a request to an IP correctly:
+
+   - `NGINX RequestHeader`_
+   - `Apache RequestHeader`_
+
+.. _NGINX RequestHeader:
+    https://docs.searxng.org/admin/installation-nginx.html#nginx-s-searxng-site
+.. _Apache RequestHeader:
+    https://docs.searxng.org/admin/installation-apache.html#apache-s-searxng-site
+
+.. autofunction:: searx.botdetection.get_real_ip

 """

 from ._helpers import dump_request
+from ._helpers import get_real_ip