How to limit POST request per ip ?

Maxim Dounin mdounin at mdounin.ru
Fri May 9 04:23:18 UTC 2014


Hello!

On Tue, May 06, 2014 at 03:16:09PM -0700, Jeroen Ooms wrote:

> On Sat, Apr 5, 2014 at 3:07 PM, Maxim Dounin <mdounin at mdounin.ru> wrote:
> >
> > we need something like
> >
> >     limit_req_zone $limit zone=one:10m rate=1r/s;
> >
> > where the $limit variables is empty for non-POST requests (as we
> > don't want to limit them), and evaluates to $binary_remote_addr
> > for POST requests.
> 
> A follow-up question: are requests that hit the cache counted in the
> limit_req_zone? I would like to enforce a limit on the POST requests
> that actually hit the back-end; I don't mind additional requests that
> hit the cache.

Limits are checked (and counted) before a request is passed to a 
content handler, hence all requests are counted, both cached and 
not.  If you want to limit only requests which aren't cached, you 
may do so, e.g., by adding an additional proxy layer with 
limit_req.

-- 
Maxim Dounin
http://nginx.org/



More information about the nginx mailing list