VPS for SearXNG Private Search Engine

Public SearXNG instances are run by volunteers and may log queries, go offline without notice, get rate-limited by upstream search engines, or be shut down. A self-hosted instance gives you guaranteed availability, full control over which search engines are queried, and certainty that no logs exist (because you control the logging configuration). Your queries go from your browser to your server, from your server to the search engines, and results return the same way - with your VPS IP as the visible origin, not your home IP.

Self-hosting also lets you configure SearXNG exactly for your workflow. Enable or disable specific engines, set result language preferences, configure safe search settings per engine, and add or remove result categories. Public instances must balance these settings for hundreds of users; your own instance is tuned for you. Add the Farside redirect feature to automatically route Wikipedia, Reddit, and other site links through privacy-preserving frontends like Wikiless and Libreddit.

Another advantage: rate limits. Google, Bing, and other search engines rate-limit based on IP. A shared public SearXNG instance with 1,000 users hits rate limits constantly, degrading result quality. Your own instance on a dedicated VPS IP has a fresh request budget with each search engine, giving consistently better result coverage and fewer CAPTCHA interruptions.

SearXNG is extremely lightweight. The application itself requires 256 MB RAM and less than 1% CPU per request. The Romania VPS Start ($17.90/mo) handles SearXNG comfortably even with a Redis cache and Nginx in front. The only resource spike comes from burst query traffic if you share your instance with friends - for a small group of 5-10 users, 512 MB RAM total is sufficient.

Docker Compose is the recommended installation method. Clone the SearXNG Docker repository: git clone https://github.com/searxng/searxng-docker.git && cd searxng-docker. Edit .env to set your domain name and generate a secret key. Edit searxng/settings.yml to configure your instance name, preferred engines, result languages, and safe search defaults. Run docker compose up -d - the stack starts SearXNG, Redis (for caching), and Caddy (as a reverse proxy with automatic HTTPS).

Point a domain (or subdomain) at your VPS IP and update the hostname in .env. Caddy obtains a Let's Encrypt certificate automatically on first startup. Your SearXNG instance is accessible at https://yourdomain.com within 2-3 minutes of completing the setup. The entire process from fresh VPS to running search engine takes under 20 minutes.

SearXNG's engine configuration is in searxng/settings.yml under the engines key. Disable engines that are frequently rate-limited or produce poor results for your use case. For technical searches, prioritize GitHub, Stack Overflow, and documentation-focused engines. For general search, keep Google, Bing, and Brave enabled for broad coverage. DuckDuckGo is useful as a fallback when Google rate-limits.

Bangs let you send queries directly to specific sites: !g search term goes to Google, !gh to GitHub, !yt to YouTube. SearXNG supports DuckDuckGo-style bangs and its own engine shortcuts. Enable the shortcuts feature in settings.yml and configure your preferred shortcuts for the sites you use most.

Privacy hardening: set server.secret_key to a strong random value (generated with openssl rand -hex 32). Disable query history logging entirely (server.image_proxy: false unless you need image proxying). Set general.debug: false in production. Configure HTTP security headers in your Nginx/Caddy reverse proxy: HSTS, CSP, X-Frame-Options. Restrict registration if you only want personal use by leaving the public access setting enabled but not advertising your instance URL publicly.

If you share your SearXNG instance publicly, bot traffic and abusive automated queries will eventually exhaust your rate limits with upstream search engines. Protect your instance with bot mitigation at the Nginx level: set aggressive rate limits (limit_req_zone $binary_remote_addr zone=searx:10m rate=10r/m) and block known bot user agents. SearXNG has a built-in botdetection feature that can be enabled in settings.yml.

For a private instance (personal or small group only), add HTTP basic authentication at the Nginx/Caddy level. This prevents any unauthorized access without requiring SearXNG-level account management. Only share the credentials with intended users. This is simpler than implementing per-user accounts and sufficient for personal use cases.

Monitor your instance's health with a simple uptime check script and review the Redis cache hit rate periodically. High cache hit rates (over 30%) indicate your search patterns are repetitive enough to benefit from caching, reducing upstream API calls and rate limit consumption. Increase the Redis cache TTL for popular queries in settings.yml if the hit rate is low. AnubizHost VPS plans include 24/7 network uptime for your SearXNG instance without maintenance windows.