limit_req_zone & proxy_intercept_errors

桐山 健太郎 kiriyama.kentaro at tis.co.jp
Thu Dec 27 12:26:45 UTC 2018


Hello,

I’m using the nginx as a reverse proxy server.

The components are formatted like the attached.
>Layout sheet on the attached file is showing the layout of the system. *Platform is AWS.
>nginx.conf is showing the conf. file on /etc/nginx/ on nginx server.
>ALB.conf is showing the conf. file on /etc/nginx/conf.d/

The proxy passing target is the DNS name of Application Load Balancer(AWS)

Here are the details that I would like to achieve.


1.     Limiting the request to the backend apache server on nginx server.
The client will request to the below URL. “URL is just a sample”
https://dev.xxxxxxx.xxxx.co.jp/front/auth

By looking at the developer tools on google chrome the web site is formatted with other requests with multiple .css , .js , .png, .ico file extension requests.

On nginx.conf in the attached file, I have used the “limit_req_zone” and would like to limit the request to pass though 13r/s to the backend apache server.
Then tried with and attached conf. file, but didn’t work well that the limit is counting the requests with and file extension which I’ve mentioned above.


2.     When the backend apache server respond with an 500 code, I would like to replace the status code to 200 and respond it back to the client(Requester).

The reason why I would like to do this is that the CloudFront very front on this web system has the custom error pages response.
If the backend apache server returns the 500 response with and message like “authentication error” and without replacing the status code on nginx, the client(Requester) will get an error pages from the desired error page on S3 bucket by the rule of CloudFront custom error page.


For No.1, Can anyone define how to exclude the requests with an following file extension when the client access to the Web page.

For No 2, As I’m selecting the proxy_intercept_errors, does the conf. which I’ve wrote in the attached file works?

Regards
Ken
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20181227/ab977fb4/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 20181227212647.zip
Type: application/octet-stream
Size: 43632 bytes
Desc: not available
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20181227/ab977fb4/attachment-0001.obj>


More information about the nginx mailing list