limit_req seems to have no effect, but I would prefer it did
Valentin V. Bartenev
ne at vbart.ru
Thu Oct 11 09:31:42 UTC 2012
On Thursday 11 October 2012 05:17:19 zildjohn01 wrote:
> That definitely explains the behavior I was seeing. But to me, any way to
> bypass the rate limiter seems like a security hole.
Just "return 410;" is the much cheaper than the whole request limitation thing.
And it's a good reason to save the resources and don't do limitation at all in
this case.
The limit modules should be used to limit access to any resource consumption
tasks, not trivial. Limiting for "return 410;" seems pointless to me.
> Is there any way to change the phase/order of these two directives,
No, there is no way.
> or to otherwise cause rewritten requests to be rate limited?
You can try some workaround like this:
location / {
try_files /410 @410;
}
location @410 {
return 410;
}
wbr, Valentin V. Bartenev
--
http://nginx.com/support.html
More information about the nginx
mailing list