Rate limiting requests per IP address in Nginx
source link: https://www.jeffgeerling.com/blog/2022/rate-limiting-requests-ip-address-nginx
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Rate limiting requests per IP address in Nginx
March 8, 2022
Just wanted to post this here, since I've had to do this from time to time, and always had to read through the docs and try to build my own little example of it...
If you're trying to protect an Nginx server from a ton of traffic (especially from a limited number of IP addresses hitting it with possibly DoS or DDoS-type traffic), and don't have any other protection layer in front, you can use limit_req to rate limit requests at whatever rate you choose (over a given time period) for any location on the server.
# Add this to your virtual host config file.
limit_req_zone $binary_remote_addr zone=mylimit:10m rate=10r/s;
# Later, in a `server` block:
server {
location ~ \.php$ {
limit_req zone=mylimit;
...
}
...
}
I have had to do this sometimes when I noticed a few bad IPs attacking my servers. You can adjust the rate and zone settings to your liking (the above settings limit requests to any PHP script to 10 per second over a 10 minute period).
You may also be interested in selectively blocking POST requests for certain IP addresses/ranges.
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK