limit_zone: Using other variables than $binary_remote_addr

Steffen Weber nginx at
Wed Jan 14 18:26:20 MSK 2009

Thanks! And just in case anybody is still unsure what to do in my case 
(GET parameter "hash") I was able to use

limit_zone downloads $arg_hash 10m;


Denis Filimonov wrote:
> You can use any variable in limit_zone, e.g., 
> limit_zone   one  $my_var  10m;
> ...
> server {
>    ...
>    set $my_var <whatever>;
>    limit_conn   one  1;
> }
> On Wednesday 14 January 2009 05:33:03 Steffen Weber wrote:
>> I want to restrict the number of connections people can have to our
>> download server. Limiting the concurrent connections by ip address is
>> not very useful, because if I only allow 1 connection per ip address
>> then a user cannot download multiple files at once. And if I allow n > 1
>> connections per IP address, then some download managers will create
>> multiple connections and other users complain about fairness.
>> Currently one can use the limit_zone module to restrict the number of
>> concurrent connections per ip address. An interesting use case would be
>> to use some token in the URL (for example a GET parameter or a part of
>> the requested path) instead of the ip address as the limit_zone
>> $variable mentioned in the wiki:
>> For example if I hand out the URL
>>{SOME_MD5_SUM} to a client I do not
>> want to allow more than one concurrent connection that uses the given
>> token. Is this currently possible in nginx? If yes, then which $variable
>> do I have to use in the limit_zone directive?
>> Of course, I would have to verify that the token is one that I have
>> given to the client and that it has not been constructed arbitrarily.
>> But this can be easily solved with a little PHP and the excellent
>> "X-Accel-Redirect" header that nginx supports.
>> Kind regards
>> Steffen Weber

More information about the nginx mailing list