Add https://search.kvj.ovh

[kuj0nell0]

Requirements (make sure to read all of them)

• [X] It is my instance. I bought the domain myself and I own this domain. Free domains (e.g. Freenom) and shared domains (e.g. noip.com) are not allowed.
• [X] I'll keep my instance up to date, at the very least 1 week old. Example program for keeping up to date: watchtower, cron, ouroboros.
• [X] I give the right to check.searx.space to check my instance (every 3 hours for the response times, every 24 hours for the other tests).
• [X] I acknowledge that managing a public instance is not an easy task and require spending time to keep the instance in good health. E.g. look after your instance by using a monitoring system.
• [X] I guarantee to keep an uptime per month of my instance at minimum 90%. Please ask for a removal of your instance if there is a planned long downtime or notify us here for a short downtime.
• [X] I do not track the users of my instance with any analytics or tracking software.
• [X] I won't try to manipulate the ranking of my instance in a way that give an unfair advantage over the other public instances in the list. (e.g. caching requests for searx.space server)
• [X] I control the final webserver (software) that is serving the requests to the users of my instance. Here is a non-exhaustive list of forbidden hosting types: Cloudflare, PaaS, managed (hosting provider controlled) HTTP(S) load balancer (e.g. AWS ALB), shared Web hosting. TCP load balancer is fine. Cloudflare DNS only (grey cloud) is fine.
• [X] If needed, I can restrict users from accessing my instance for the only sole reason of keeping my instance in working conditions for the other users (detailed description - evidence need to be provided when asked). Other means of restriction is forbidden.

Bot protection requirement

• [X] Yes I have configured the server.public_instance parameter.

Source code URL

No response

Comment

using docker: searxng/searxng:latest

[github-actions[bot]]

@maintainers Warning, instance found in the commit history, make sure to wait 1 week before adding the instance if needed. See here for more information: https://github.com/searxng/searx-instances#add-a-previously-submitted-instance

Commit ID: 0284c37b7ca8e9e3ebc2d259f9e93567836791e0
 - Date: Fri Feb 10 09:49:10 2023 +0000
 - Description: remove opnxng.com and search.kvj.ovh bad uptime
 - Author: Émilien Devos (perso)

Commit ID: 07441c3fa3fcd8f7d1794d2f141ff476c8f79f4a
 - Date: Sun Oct 30 06:10:37 2022 +0000
 - Description: Update search.kvj.ovh with searx.kujonello.cf
 - Author: ononoki

[github-actions[bot]]

Please consider joining our Matrix room for public instance maintainers by joining our Matrix room: https://matrix.to/#/#searxng:matrix.org then pinging @ unixfox, @ dalf and @ mrpaulblack for asking to be invited to the Matrix room. We discuss troubles managing a public instance, sharing some advices (like how to protect against bots), announcing big changes in searxng and more.

[ononoki1]

Hi @kuj0nell0, your TLS grade is only F. Please at least get an E grade for your instance to be added.

[unixfox]

Closing due to lack of replies.

[kuj0nell0]

@ononoki1 @unixfox Hey, sorry for not responding in time, had a tought time in school recently. I've increased my TLS grade to B on ssllabs (would check on website ononoki1 provided, but would have to wait some time for it to let me again). I hope this TLS ranking is sufficient. Any help regarding this issue is welcomed.

Current TLS config on traefik: ` [tls] [tls.options] [tls.options.default] sniStrict = true cipherSuites = [ "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305", "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305", "TLS_AES_128_GCM_SHA256", "TLS_AES_256_GCM_SHA384", "TLS_CHACHA20_POLY1305_SHA256", "TLS_FALLBACK_SCSV" # Client is doing version fallback. See RFC 7507.

"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"

]`

[unixfox]

You need to have better letter than F on cryptcheck or your instance can't be added sorry.

B on ssllabs seems to indicate a bad TLS security.

[kuj0nell0]

Managed to get A on sslabs.

[kuj0nell0]

You need to have better letter than F on cryptcheck or your instance can't be added sorry.

B on ssllabs seems to indicate a bad TLS security.

will try at 22:46:41 UTC (I guess)

[kuj0nell0]

@unixfox got A+

[unixfox]

Ok great, for me your TLS configuration seems to be a bit too harsh now.

See mine: https://cryptcheck.fr/https/searx.be

Like android 6, IE11 on windows 10 and early versions of Edge won't be able to load your instance.

https://ssl-config.mozilla.org/ is a good starting point for a good ssl configuration. I meant starting point because you won't get an A+ directly, you need to tweak a little bit more.

Please don't triple post, use the edit button on your previous message.