Keeping your Nginx limit_* Anti-DDoS behind CloudFlare's servers

c0nw0nk nginx-forum at
Tue Sep 13 11:16:32 UTC 2016

I just found the following :$binary_

To conserve the space occupied by the key we use $binary_remote_addr It
evaluates into a binary value of the remote IP address

So it seems I should be doing this instead to keep the key in memory for
that IP small to reduce the memory footprint.

limit_req_zone $binary_http_cf_connecting_ip zone=one:10m rate=30r/m;
limit_conn_zone $binary_http_cf_connecting_ip zone=addr:10m;

Posted at Nginx Forum:,269502,269513#msg-269513

More information about the nginx mailing list