Any way to deal with clients breaking the limit zone
mdounin at mdounin.ru
Thu Jun 2 13:36:27 MSD 2011
On Wed, Jun 01, 2011 at 10:52:03AM -0400, karabaja wrote:
> Just in case it is relevant I'll explain the setup. It is vbulletin site
> with apache serving php and nginx static content.
> I have this in nginx.conf
> limit_zone one $binary_remote_addr 10m;
> and this in vhost config of the site in question:
> limit_conn one 35;
> I hope that is reasonable setting.
> Haven't noticed any issues with regular traffic. But occasionally we get
> some ips breaking the zone limit, I am pretty sure it is not a regular
> visitor. And it was generating hundreds of lines in vhost-error_log:
> limiting connections by zone "one", client: xx.xx......
> So my question is if there is perhaps a way to stop that client after he
> repeats the limit breaking constantly for like 5 minutes, or X times or
> something like that.
> Or at least to stop it generating the logs.
> I ended up blocking that ip with firewall today, but I won't be there
> all the time to see it and it is gonna create a lot of junk lines in the
> log. It is not that big of an issue but I just thought it is worth a
> shot to see if there is a way around it.
Usual approach is to read logs with some script (fail2ban or
something) and block offenders on firewall by the script.
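
The log-reading approach from the reply, sketched as an added example that is not part of the original thread: it scans error_log lines for the `limiting connections by zone` message and reports clients that repeat it within a sliding window. The function names, the threshold of 20 hits in 5 minutes, and the sample log are assumptions constructed for illustration; the standard nginx error_log line layout is assumed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# nginx error_log entry for a limit_conn rejection (standard layout assumed).
LINE_RE = re.compile(
    r'^(?P<ts>\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) \[\w+\] .*?'
    r'limiting connections by zone "(?P<zone>[^"]+)", '
    r'client: (?P<ip>[0-9A-Fa-f.:]+)')

def find_offenders(lines, zone="one", max_hits=20, window=timedelta(minutes=5)):
    """Map each client that hit the limit max_hits times within `window`
    to the timestamp at which it crossed that threshold.
    Lines must be in chronological order, as they are in the log file."""
    recent = defaultdict(deque)   # ip -> timestamps still inside the window
    offenders = {}
    for line in lines:
        m = LINE_RE.match(line)
        if not m or m.group("zone") != zone:
            continue              # unrelated entry or a different zone
        ts = datetime.strptime(m.group("ts"), "%Y/%m/%d %H:%M:%S")
        hits = recent[m.group("ip")]
        hits.append(ts)
        while ts - hits[0] > window:
            hits.popleft()        # drop hits older than the window
        if len(hits) >= max_hits:
            offenders.setdefault(m.group("ip"), ts)
    return offenders

def make_lines(ip, count, step_seconds):
    """Build constructed log lines for one client, starting 10:52:00."""
    start = datetime(2011, 6, 1, 10, 52, 0)
    return [
        f'{start + timedelta(seconds=i * step_seconds):%Y/%m/%d %H:%M:%S} '
        f'[error] 1234#0: *{i} limiting connections by zone "one", '
        f'client: {ip}, server: forum.example, '
        f'request: "GET /images/a.gif HTTP/1.1", host: "forum.example"'
        for i in range(count)]

# Constructed sample: one persistent client, one slow repeater, one brief burst.
SAMPLE_LOG = sorted(
    make_lines("192.0.2.10", 25, 2)        # 25 hits in under a minute
    + make_lines("203.0.113.5", 25, 60)    # never more than 6 hits per 5 min
    + make_lines("198.51.100.7", 5, 1)     # short burst, below threshold
    + ['2011/06/01 10:53:00 [error] 1234#0: *9 open() "/x" failed'])

if __name__ == "__main__":
    for ip, when in find_offenders(SAMPLE_LOG).items():
        print(f"{ip} crossed the threshold at {when}; hand it to the firewall")
```

The returned addresses are what a wrapper script would pass to the firewall; choosing the threshold well above what the `limit_conn` setting lets a normal visitor trigger keeps ordinary browsers out of the result.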