Keeping your Nginx limit_* Anti-DDoS behind CloudFlare's servers

c0nw0nk nginx-forum at
Wed Sep 14 08:10:04 UTC 2016

Il test further with it but it definitely did not work with the following
using nginx_basic.exe (it was blocking the cloudflare server IP's from

http {
#Inside http

real_ip_header CF-Connecting-IP;

limit_req_zone $binary_remote_addr zone=one:10m rate=30r/m;
limit_conn_zone $binary_remote_addr zone=addr:10m;

server {
# server domain etc here

location ~ \.mp4$ {
limit_conn addr 10; #Limit open connections from same ip
limit_req zone=one; #Limit max number of requests from same ip

limit_rate_after 1m; #Limit download rate
limit_rate 1m; #Limit download rate
root '//';
expires max;
valid_referers none blocked *;
if ($invalid_referer) {
return 403;

#End server block

#End http block

Posted at Nginx Forum:,269502,269562#msg-269562

More information about the nginx mailing list