limiting requests in a given timeframe

Thomas Seifert thomas-lists at mysnip.de
Sat Oct 20 00:07:41 MSD 2007


Hey there,

nginx seems to be a great product and I'd like to use it as a kind of
proxy/load-balancer in front of a couple of fastcgi-backends.
But I need to limit the number of requests by one IP in a given
timeframe to my dynamic pages to avoid hammering the server
from some malicious users.
Therefore I'm wondering if there are any plans to make such a
functionality in nginx available?
Currently I only know of mod_evasive for apache which does something
like that but couldn't find anything else.
I'm not talking about number of concurrent requests from one IP but the
number of requests in a given timeframe, e.g.
limit the number of requests to 10 in 15 seconds or something like that
and if that number is reached, block the user for
a given timespan (e.g. 30 minutes) and redirect to some predefined
static page or return an error-code.


Thanks in advance,

thomas





More information about the nginx mailing list