I would like to limit access to my API endpoints when unauthorized requests (i.e. when origin server responds with 401 status code) are made but I wasn't able to find any information on how to go about this online. Is this possible using nginx? Please let me know.
I have a similar question asking here https://serverfault.com/questions/907860/nginx-limit-request-based-on-respon... (no reply yet).
I've tried several combinations, but haven't found any working solution yet. It seems that limit was done in "receiving" state of requests only, which mean $status is always null.
Posted at Nginx Forum: https://forum.nginx.org/read.php?2,279547,279582#msg-279582
I posted the same question on Digital Ocean forums and got a response suggesting to intercept errors from upstream and to rate limit based on the error using the `error_page` directive. I haven't tried it myself yet but it's worth a shot. Here's a link to the full post: https://www.digitalocean.com/community/questions/use-nginx-to-rate-limit-onl.... Let me know if this works for you.
Regards, Krishna Veera Reddy
Posted at Nginx Forum: https://forum.nginx.org/read.php?2,279547,279595#msg-279595