Recommended limit_req and limit_conn for location ~ \.php$ {}

oscaretu . oscaretu at
Tue Sep 27 09:17:18 UTC 2016

Perhaps this can help:

Another option is a *429 - Too Many Requests* response.

Defined in RFC6585 -

The spec does not define how the origin server identifies the user, nor how
it counts requests.

For example, an origin server that is limiting request rates can do so
based upon counts of requests on a per-resource basis, across the entire
server, or even among a set of servers.

Likewise, it might identify the user by its authentication credentials, or
a stateful cookie.

Also see the Retry-After header in the response.

Kind regards,

On Tue, Sep 27, 2016 at 10:59 AM, itpp2012 <nginx-forum at>

> General rule of thumb is set it as low as possible, as soon as 503's are
> getting your users upset or resources are getting blocked, then double the
> values, keep an eye on the logs, double it one more time when required,
> done.
> Posted at Nginx Forum:
> php?2,269862,269866#msg-269866
> _______________________________________________
> nginx mailing list
> nginx at

Oscar Fernandez Sierra
oscaretu at
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the nginx mailing list