Here is a thing that still feels slightly illegal the first time you do it: you spin up a $5 box, paste in one Docker command, and ten minutes later you have a search engine that answers to you and nobody else. No ad profile. No "based on your recent searches." No quiet little record of every 3 a.m. question you ever typed. That's SearXNG — a free, open-source metasearch engine that, as of June 2026, carries roughly 32,000 GitHub stars and over 9,500 commits, and is very much still being shipped. This is the guide to standing it up yourself, understanding why it actually works, and deciding whether to run your own or borrow someone else's.
Key takeaways
- SearXNG is a metasearch engine, not a search engine. It owns no index. It forwards your query to up to 262 upstream engines (Google, Bing, Wikipedia, Reddit, and hundreds more), then merges and de-duplicates the results (docs.searxng.org, 2026).
- The privacy comes from architecture, not promises. The upstream engines see your server, not you — and SearXNG strips the tracking junk in between. No cookies, no profile, no fingerprint to sell.
- Setup is one Compose file. The maintained 2026 path is the
container/compose files in the main repo; the oldsearxng-dockerhelper repo was archived on March 28, 2026. - Default internal port is 8080. Add a real secret key and a reverse proxy before you expose it to the internet.
- It's AGPL-3.0 and a fork of searx (started mid-2021), with around 70 well-maintained public instances if you'd rather not self-host.
What is SearXNG, and how does it actually work?
SearXNG is a free metasearch engine that aggregates results from up to 262 search services while tracking and profiling nobody (SearXNG docs, 2026). The trick is in the word meta: it has no crawler and no index of its own. When you search, your instance fires the same query at a configurable fan of upstream engines in parallel, waits for them to answer, then scores, merges, and de-duplicates everything into one ranked page.
So the flow is simple. You ask SearXNG. SearXNG asks Google, Bing, Brave, Wikipedia, Stack Overflow, and however many others you enabled. They answer SearXNG. SearXNG hands you the blend. You can weight engines, group them by category (general, images, news, science, IT, maps), and switch the whole thing to a different upstream if one starts misbehaving.
SearXNG aggregates results from up to 262 upstream search services and merges them into one ranked page. Because it holds no index of its own, no single engine ever sees the full stream of one person's searches — the defining property that makes profiling structurally hard rather than merely promised (SearXNG documentation, 2026).
For a fuller picture of how this slots into a private, AI-flavoured stack — SearXNG as the retrieval layer feeding a local model — see my walkthrough of self-hosting Vane (formerly Perplexica), which uses SearXNG under the hood as its search backend.
Why can't Google profile you through SearXNG?
Because Google never meets you. Every upstream request originates from your SearXNG server's IP, carrying no account, no long-lived cookie, and no per-user fingerprint — so the behavioural profile Google normally assembles has nobody to attach itself to (SearXNG docs, 2026). From Google's side it looks like one slightly odd visitor running a lot of unrelated one-off queries.
SearXNG also scrubs the layer in between. Results links are cleaned of the tracking parameters engines love to staple on. Cookies and JavaScript are optional — the no-JS HTML interface is a first-class citizen, which is also why AI crawlers and screen readers handle it fine. And if you want to disappear further, SearXNG can route its outbound requests over Tor.
Here's the honest caveat, because the indie-privacy crowd oversells this constantly: if you run a public instance that thousands of people share, your individual queries hide in the crowd, but the operator could log them. If you run a private, single-user instance, nobody can profile you — but every query visibly comes from your one IP, so you've traded crowd-anonymity for trust. Pick your threat model. For most people who just want out of the ad-profiling machine, a private instance behind a VPN is the sweet spot.
Quick start: the Docker Compose path (2026)
The fastest supported install in 2026 is the official Docker Compose path, which pulls a single docker-compose.yml and an environment file straight from the repo (SearXNG installation docs, 2026). You need Docker with the Compose plugin and about two minutes. Copy-paste this:
# 1. Make a working directory and drop into it
mkdir -p ./searxng/ && cd ./searxng/
# 2. Pull the official compose file and env template from the repo
curl -fsSL \
-O https://raw.githubusercontent.com/searxng/searxng/master/container/docker-compose.yml \
-O https://raw.githubusercontent.com/searxng/searxng/master/container/.env.example
# 3. Create your env file and edit the hostname + admin email
cp -i .env.example .env
nano .env # set SEARXNG_HOSTNAME (e.g. search.example.com) and your email
# 4. Bring it up in the background
docker compose up -dThat's the whole baseline. Open http://localhost:8080 (8080 is SearXNG's default internal port) and you have a working private search box. Watch the logs or tear it down with the usual Compose verbs:
docker compose logs -f # follow the logs
docker compose ps # what's running
docker compose down # stop and removeOne recency note that will save you an hour: half the tutorials online tell you to git clone searxng/searxng-docker. That repo was archived on March 28, 2026, and now points people at the container/ compose files above. If a guide starts with the old helper repo, it predates the move — use the commands here instead.
Hardening: a secret key, the limiter, and a real domain
SearXNG requires a unique server.secret_key in its settings.yml, and a fresh install ships with the literal placeholder ultrasecretkey — which is exactly as safe as it sounds. Replace it with a real random value before you expose the instance:
# Generate a strong secret and inject it into settings.yml
# (path is your mounted config dir, e.g. ./config/settings.yml)
sed -i "s|ultrasecretkey|$(openssl rand -hex 32)|g" ./config/settings.yml
docker compose restartThree more things separate a toy from something you'd actually leave running. First, turn on the limiter and bot detection in settings.yml so scrapers don't get your instance rate-limited or blocked by the upstream engines. Second, put a reverse proxy with TLS (Caddy or Nginx) in front of it so traffic is encrypted and the container never faces the raw internet. Third, if it's just for you, don't expose it publicly at all — bind it to localhost and reach it over Tailscale, WireGuard, or an SSH tunnel.
If "a private box that quietly does one job well and answers only to you" is a pattern you like, it's the same philosophy behind treating your own site as AI infrastructure — small, owned, legible services instead of renting everything from a platform.
The one-liner: a single throwaway container
Sometimes you don't want a Compose stack — you just want to poke at SearXNG for an afternoon. A single docker run gives you a disposable instance with config and cache mounted to the host, mapping the internal 8080 to 8888 so it doesn't collide with anything (SearXNG docs, 2026):
mkdir -p ./searxng/config/ ./searxng/data/ && cd ./searxng/
docker run --name searxng -d \
-p 8888:8080 \
-v "./config/:/etc/searxng/" \
-v "./data/:/var/cache/searxng/" \
docker.io/searxng/searxng:latestVisit http://localhost:8888, kick the tires, and docker container stop searxng && docker container rm searxng when you're done. The mounted ./config/ survives, so your tweaks carry over if you bring it back. Prefer building from source? git clone the main repo and run make container — but for almost everyone the published image is the right call.
SearXNG vs Google vs DuckDuckGo vs Whoogle
Privacy-respecting search is a crowded shelf, and the differences are real. The question that actually matters is who sees your identity and whether you control the box. Here's the honest 2026 comparison.
| Engine | Who sees your identity | Tracks / profiles you | Result source | Self-hostable | Ads |
|---|---|---|---|---|---|
| SearXNG (self-hosted) | Only your own server | No — no index, no account, no profile | Up to 262 upstream engines, merged | Yes (this guide) | None |
| Google, fully, tied to your account | Yes — that's the business model | Own index | No | Many | |
| DuckDuckGo | DuckDuckGo (trust their no-log policy) | Claims no profiling; you're trusting a third party | Mostly Bing, plus its own crawler | No | Yes (non-targeted) |
| Whoogle / Startpage | The proxy operator | Proxied Google results; no personal profile | Google (proxied) | Whoogle: yes · Startpage: no | Startpage: optional |
The pattern is clear. DuckDuckGo and Startpage ask you to trust a company not to log you. Self-hosted SearXNG (and Whoogle) ask you to trust yourself, because you own the only machine that ever sees the query. For a degoogling purist, that distinction is the whole point.
Should you self-host or use a public instance?
Around 70 well-maintained public SearXNG instances run today, and using one costs you nothing and zero setup (SearXNG docs, 2026). The catch is trust: a public instance's operator could log your searches, and you have no way to verify they don't. The upside is crowd cover — your queries blend into everyone else's traffic from that instance.
Self-hosting flips both. You trust nobody, because the only logs are yours and you can turn them off. But your private instance sends every query from a single IP, so you'll usually want it behind a VPN or Tor for outbound cover. My rule of thumb: use a reputable public instance for casual, throwaway lookups; self-host the instance you make your daily driver. It's the same calculus as running your own local models with Ollama — a little setup buys you results that never leave your control.
Is SearXNG still maintained in 2026?
Yes, and actively. As of June 2026 the repository sits at roughly 32,000 stars, 3,000 forks, and more than 9,500 commits, with 167 open issues and 44 open pull requests in flight — the signature of a live project, not an abandoned one (SearXNG on GitHub, 2026). It's written mostly in Python, licensed AGPL-3.0, and ships rolling container images rather than ceremonial version tags.
The project began in mid-2021 as a fork of the older searx, and the community has steadily modernised it since — consolidating on the in-repo container/ compose files and retiring the separate searxng-docker helper in early 2026. Translations run through Weblate, coordination happens on Matrix, and engine definitions get patched constantly as upstream sites change their markup. In a landscape where privacy tools quietly die, SearXNG keeps shipping.
Frequently asked questions
What is SearXNG in one sentence?
SearXNG is a free, open-source metasearch engine you can self-host that forwards your query to up to 262 upstream search engines and merges the results, while tracking and profiling nobody (SearXNG docs, 2026). It holds no index of its own, so no single engine sees a profile of you.
Is SearXNG legal and free to use?
Yes. SearXNG is released under the AGPL-3.0 license, is free in both senses, and querying public search engines through it is the same activity your browser already does. As of 2026 the project carries about 32,000 GitHub stars and stays actively maintained, so you're not adopting orphaned software.
Does SearXNG work without JavaScript?
Yes — the no-JavaScript HTML interface is first-class, not an afterthought. That's deliberate: it keeps the attack surface small, loads fast, and stays readable to screen readers and crawlers. Cookies and scripts are optional throughout, and connections are encrypted, which is core to the project's privacy posture (SearXNG docs, 2026).
Will search engines block my SearXNG instance?
They can, if you hammer them. A single private instance rarely triggers anything, but skipping the built-in limiter or sharing one IP across many users can get specific engines rate-limited. The fix is enabling bot detection in settings.yml, spreading load across more engines, and optionally routing outbound requests over Tor.
Should I run a public instance or a private one?
Use one of the roughly 70 public instances for casual, low-stakes searches and crowd cover; self-host a private instance for your daily driver so no operator can log you. A private instance sends every query from your one IP, so pair it with a VPN or Tor for outbound anonymity (SearXNG docs, 2026).
Resources
- SearXNG GitHub Repository – source, issues, and current activity
- SearXNG Documentation – how it works, engines, and configuration
- Docker Installation Docs – the official 2026 Compose path
- settings.yml Reference – secret key, limiter, engines, and UI options
- searx.space – a live directory of public SearXNG instances
- Self-host Vane (formerly Perplexica) – an AI answer engine that uses SearXNG as its search backend
- Ollama – run local models privately, the same own-your-stack philosophy
Last updated: June 13, 2026.
Josh writes about self-hosted tooling, AI agents, and GEO, and runs nowservingto.com, a daily-fresh directory of Toronto's newest restaurants.