<div dir="ltr"><div dir="ltr"><div>I have a website : <a href="https://www.solidkingsinc.com" target="_blank">https://www.solidkingsinc.com</a></div><div><br></div><div><br></div><div>I have the free version of Cloudflare, i use reverseproxy etc<br><br></div><div>My issue is, I have my nginx configured perfectly works fine and everything. But I am trying to bruteforce/overload/ddos my own server and it crashes because of a get request overload. I use pythons fetching method and could use whatever there exist probably but as soon as i put a fetch while loop with 10000 fetches or not even 10000, maybe 1k.It never once gives a 429 or 403 or something. I have spent soo many hours trying to find a way to use rate limiting with nginx but failed miserably. I dont see any effect. It still gives 200 status code and my server overloads it doesnt stop it. Cloudflare used to stop it and give 403, but they probably removed that too from the free tier. <br><br></div><div>Here is my current configuration: EVERYTHING WORKS AS INTENDED EXCEPT <br>----------------------<br><br>worker_processes  1;<br><br>events {<br>    worker_connections 4096;<br>}<br><br><br>http {<br>    <br>    limit_req_zone $binary_remote_addr zone=mylimit:10m rate=2r/s;<br>    include       mime.types;<br>    default_type  application/octet-stream;<br><br>    sendfile        on;<br>    keepalive_timeout  65;<br><br>    log_format combined_with_limit '$remote_addr - $remote_user [$time_local] "$request" '<br>                                   '$status $body_bytes_sent "$http_referer" '<br>                                   '"$http_user_agent" "$http_x_forwarded_for" '<br>                                   'limit_status=$limit_req_status';<br>    <br>    access_log logs/access.log combined_with_limit;<br><br><br></div><div>    #backend<br></div><div>    server {<br>        listen 443 ssl;<br>        server_name <a href="http://api.solidkingsinc.com" target="_blank">api.solidkingsinc.com</a>;<br><br>        ssl_certificate      C:/Windows/System32/drivers/etc/apissl/certificate.pem;<br>        ssl_certificate_key  C:/Windows/System32/drivers/etc/apissl/private.key;<br><br>        ssl_session_cache    shared:SSL:1m;<br>        ssl_session_timeout  5m;<br><br>        ssl_ciphers  HIGH:!aNULL:!MD5;<br>        ssl_prefer_server_ciphers  on;<br>  <br>        location / {<br>            limit_req zone=mylimit burst=10 delay=5;<br><br>            proxy_pass <a href="http://localhost:1337" target="_blank">http://localhost:1337</a>;<br>            proxy_http_version 1.1;<br>            proxy_set_header X-Forwarded-Host $host;<br>            proxy_set_header X-Forwarded-Server $host;<br>            proxy_set_header X-Real-IP $remote_addr;<br>            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;<br>            proxy_set_header X-Forwarded-Proto $scheme;<br>            proxy_set_header Host $http_host;<br>            proxy_set_header Upgrade $http_upgrade;<br>            proxy_set_header Connection "Upgrade";<br>            proxy_pass_request_headers on;<br>        }<br><br>    }<br><br>    # Frontend<br>    server {<br>        listen 443 ssl;<br>        server_name <a href="http://solidkingsinc.com" target="_blank">solidkingsinc.com</a> <a href="http://www.solidkingsinc.com" target="_blank">www.solidkingsinc.com</a>;<br><br>        ssl_certificate      C:/Windows/System32/drivers/etc/ssl/certificate.pem;<br>        ssl_certificate_key  C:/Windows/System32/drivers/etc/ssl/private.key;<br><br>        ssl_session_cache    shared:SSL:1m;<br>        ssl_session_timeout  5m;<br><br>        ssl_ciphers  HIGH:!aNULL:!MD5;<br>        ssl_prefer_server_ciphers  on;<br><br>        if ($host = <a href="http://solidkingsinc.com" target="_blank">solidkingsinc.com</a>) {<br>            return 301 <a href="https://www.solidkingsinc.com" target="_blank">https://www.solidkingsinc.com</a>$request_uri;<br>        }<br><br>        location / {<br>            proxy_pass <a href="http://localhost:5174" target="_blank">http://localhost:5174</a>;<br>            proxy_http_version 1.1;<br>            proxy_set_header X-Forwarded-Host $host;<br>            proxy_set_header X-Forwarded-Server $host;<br>            proxy_set_header X-Real-IP $remote_addr;<br>            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;<br>            proxy_set_header X-Forwarded-Proto $scheme;<br>            proxy_set_header Host $http_host;<br>            proxy_set_header Upgrade $http_upgrade;<br>            proxy_set_header Connection "Upgrade";<br>            proxy_pass_request_headers on;<br>        }<br>   }<br><br>    server {<br>        listen 80;<br>        server_name <a href="http://api.solidkingsinc.com" target="_blank">api.solidkingsinc.com</a> <a href="http://solidkingsinc.com" target="_blank">solidkingsinc.com</a> <a href="http://www.solidkingsinc.com" target="_blank">www.solidkingsinc.com</a>;<br><br>        location / {<br>            return 301 https://$host$request_uri;<br>        }<br>    }<br><br>    server {<br>        listen 80 default_server;<br>        listen [::]:80 default_server;<br><br>        server_name _;<br><br>        return 444;<br>    }<br>}</div></div>
</div>