Add https://search.lollypopstealer.com

C-Keenan commented 4 weeks ago

Requirements (make sure to read all of them)

[X] It is my instance. I bought the domain myself and I own this domain. Free domains (e.g. Freenom) and shared domains (e.g. noip.com) are not allowed.
[X] I'll keep my instance up to date, at the very least 1 week old. Example program for keeping up to date: watchtower, cron, ouroboros.
[X] I give the right to check.searx.space to check my instance (every 3 hours for the response times, every 24 hours for the other tests).
[X] I acknowledge that managing a public instance is not an easy task and require spending time to keep the instance in good health. E.g. look after your instance by using a monitoring system.
[X] I guarantee to keep an uptime per month of my instance at minimum 90%. Please ask for a removal of your instance if there is a planned long downtime or notify us here for a short downtime.
[X] I do not track the users of my instance with any analytics or tracking software.
[X] I won't try to manipulate the ranking of my instance in a way that give an unfair advantage over the other public instances in the list. (e.g. caching requests for searx.space server)
[X] I control the final webserver (software) that is serving the requests to the users of my instance. Here is a non-exhaustive list of forbidden hosting types: Cloudflare, PaaS, managed (hosting provider controlled) HTTP(S) load balancer (e.g. AWS ALB), shared Web hosting. TCP load balancer is fine. Cloudflare DNS only (grey cloud) is fine.
[X] If needed, I can restrict users from accessing my instance for the only sole reason of keeping my instance in working conditions for the other users (detailed description - evidence need to be provided when asked). Other means of restriction is forbidden.

Bot protection requirement

[X] Yes I have configured the server.public_instance parameter.

Source code URL

No response

Comment

If you have any questions/concerns/issues please contact dev@lollypopstealer.com and allow at least a 7 day grace period as I may not see the email right away. I should get back to you in a month at most probably much sooner. I'd love to help make the internet more private again and am hoping that this helps in doing so.

github-actions[bot] commented 4 weeks ago

Please consider joining our Matrix room for public instance maintainers by joining our Matrix room: https://matrix.to/#/#searxng:matrix.org then pinging @ unixfox, @ dalf and @ mrpaulblack for asking to be invited to the Matrix room. We discuss troubles managing a public instance, sharing some advices (like how to protect against bots), announcing big changes in searxng and more.

ononoki1 commented 3 weeks ago

Please set public_instance to true.

Yes I have configured the server.public_instance parameter.

Also, your site cannot get reached via HTTP. Please setup HTTP to HTTPS redirection.

C-Keenan commented 3 weeks ago

I may have misconfigured something in the instance as I have set the 'public_instance' parameter to true and it's running behind nginxpm so both should resolve to the https "version". I'll start sorting it out tomorrow as it's a bit late today.

Edit : If http only access is required please do let me know and I can stop forcing https but would prefer to leave it if not required.

C-Keenan commented 2 weeks ago

Issue with the 'public_instance' parameter should be fixed now. Waiting for feedback on http only mode before I make any changes there.

Edit : Spelling

ononoki1 commented 2 weeks ago

Edit : If http only access is required please do let me know and I can stop forcing https but would prefer to leave it if not required.

Your site now only supports HTTPS. Please also enable HTTP and redirect HTTP requests to HTTPS.

C-Keenan commented 2 weeks ago

I just typed 'http://search.lollypopstealer.com' into my address-bar and it automatically pushed me to https so I'm not seeing your error. Can you help me to recreate your steps to get the error?

ononoki1 commented 2 weeks ago

I just typed 'http://search.lollypopstealer.com/' into my address-bar and it automatically pushed me to https so I'm not seeing your error.

Your site enables HSTS, so after first access via HTTPS, your browser will only use HTTPS even if you explictly types HTTP.

To reproduce, please use curl: run curl -v http://search.lollypopstealer.com

C-Keenan commented 2 weeks ago

One moment while I do some troubleshooting. Can you provide the response I should be expecting when it goes right as I'd like to validate my results.

Edit : Or provide an active page I can test against which will provide a similar response when hit, please?

ononoki1 commented 2 weeks ago

An example:

$ curl -I http://search.ononoki.org
HTTP/1.1 308 Permanent Redirect
Content-Type: text/html; charset=utf-8
Content-Length: 164
Connection: keep-alive
Location: https://search.ononoki.org/

C-Keenan commented 2 weeks ago

Ok, thank you. I'm currently blocked by the rate limit so I will have to wait a bit before I can continue testing, however, I will comment once I have good news.

unixfox commented 3 days ago

@C-Keenan Any news? Is your instance conformed?

noosemanAL commented 1 day ago

I tested this instance: https://search.lollypopstealer.com , Under "Engines" starting with "Files" through "Other", If you disable "bt4g" or wikicommons.files or z-library or any default selection, It crashes and won't allow you to disable those.

502

searxng / searx-instances