Any way to deal with clients breaking the limit zone

Maxim Dounin mdounin at mdounin.ru
Thu Jun 2 13:36:27 MSD 2011


Hello!

On Wed, Jun 01, 2011 at 10:52:03AM -0400, karabaja wrote:

> Just in case it is relevant I'll explain the setup. It is a vBulletin site
> with Apache serving PHP and nginx static content.
> I have this in nginx.conf
> limit_zone one $binary_remote_addr 10m;
> and this in vhost config of the site in question:
> limit_conn one 35;
> 
> I hope that is reasonable setting. 
> Haven't noticed any issues with regular traffic. But occasionally we get
> some IPs breaking the zone limit, I am pretty sure it is not a regular
> visitor. And it was generating hundreds of lines in vhost-error_log:
> limiting connections by zone "one", client: xx.xx......
> 
> So my question is if there is perhaps a way to stop that client after he
> repeats the limit breaking constantly for like 5 minutes, or X times or
> something like that. 
> Or at least to stop it generating the logs. 
> I ended up blocking that IP with firewall today, but I won't be there
> all the time to see it and it is gonna create a lot of junk lines in the
> log. It is not that big of an issue but I just thought it is worth a
> shot to see if there is a way around it.

The usual approach is to read logs with some script (fail2ban or
something) and block offenders on the firewall by the script.

Maxim Dounin
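
A minimal version of the log-reading script described in the reply above, as an added example that is not part of the original thread: it counts `limit_conn` rejections per client in a sliding window and returns the addresses a firewall step could then block. The threshold, window, function names and sample log lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Default nginx error_log line for a limit_conn rejection (the message quoted above).
LINE_RE = re.compile(
    r'^(?P<ts>\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) \[\w+\] .*?'
    r'limiting connections by zone "(?P<zone>[^"]+)", client: (?P<ip>[0-9A-Fa-f.:]+)'
)
TS_FORMAT = "%Y/%m/%d %H:%M:%S"

def find_offenders(lines, zone="one", max_hits=100, window=timedelta(minutes=5)):
    """Map each client IP to the time it first exceeded max_hits rejections
    inside one sliding window. Lines must be in chronological order."""
    recent = defaultdict(deque)   # ip -> timestamps still inside the window
    offenders = {}
    for line in lines:
        m = LINE_RE.match(line)
        if not m or m.group("zone") != zone:
            continue              # unrelated error or a different zone
        ts, ip = datetime.strptime(m.group("ts"), TS_FORMAT), m.group("ip")
        hits = recent[ip]
        hits.append(ts)
        while ts - hits[0] > window:
            hits.popleft()        # forget rejections older than the window
        if len(hits) > max_hits:
            offenders.setdefault(ip, ts)
    return offenders

def sample_log():
    """Constructed log lines: one slow client, one burst, one unrelated error."""
    msg = ('{} [error] 1234#0: *{} limiting connections by zone "one", client: {}, '
           'server: example.com, request: "GET /a.gif HTTP/1.1", host: "example.com"')
    start = datetime(2011, 6, 1, 10, 0, 0)
    lines = []
    for i in range(6):   # 198.51.100.20: one rejection every 6 minutes
        t = start + timedelta(minutes=6 * i)
        lines.append(msg.format(t.strftime(TS_FORMAT), i, "198.51.100.20"))
    lines.append('2011/06/01 10:40:00 [error] 1234#0: *9 open() "/var/www/x.gif" '
                 'failed (2: No such file or directory), client: 192.0.2.9')
    for i in range(6):   # 203.0.113.7: six rejections within one minute
        t = start + timedelta(minutes=52, seconds=10 * i)
        lines.append(msg.format(t.strftime(TS_FORMAT), 100 + i, "203.0.113.7"))
    return lines

if __name__ == "__main__":
    for ip, when in find_offenders(sample_log(), max_hits=5).items():
        print(ip, "exceeded the limit at", when)  # hand these to the firewall step
```

Only the client that keeps hitting the limit inside the window is reported, so a visitor who trips `limit_conn` occasionally is not blocked.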


