Throttle requests with limit_req rate based on header from response to auth subrequest
francis at daoine.org
Fri Aug 31 11:09:08 UTC 2018
On Thu, Aug 30, 2018 at 08:13:33PM -0400, jarstewa wrote:
For what it's worth:
> 1) The limit_req directive is being processed before the auth subrequest
> 2) Therefore, when the limit_req is present, the mapped variables are empty
> since the header from the auth request is not present. But when limit_req
> is removed, the mapped variables are evaluated by the access_log, which
> happens after the auth subrequest has been made.
> Can anyone kindly confirm or reject this theory?
I'm pretty sure that that is what is happening.
In the mail thread you linked to originally, the limit_req part was
being calculated based on something in the request.
You are trying to calculate it based on something not in the request.
I don't have a suggested solution.
Francis Daly francis at daoine.org
More information about the nginx