limit_zone: Using other variables than $binary_remote_addr

Denis Filimonov denis at filimonov.name
Wed Jan 14 13:47:46 MSK 2009


You can use any variable in limit_zone, e.g., 

limit_zone   one  $my_var  10m;
...
server {
   ...
   set $my_var <whatever>;
   limit_conn   one  1;
}

On Wednesday 14 January 2009 05:33:03 Steffen Weber wrote:
> I want to restrict the number of connections people can have to our
> download server. Limiting the concurrent connections by ip address is
> not very useful, because if I only allow 1 connection per ip address
> then a user cannot download multiple files at once. And if I allow n > 1
> connections per IP address, then some download managers will create
> multiple connections and other users complain about fairness.
>
> Currently one can use the limit_zone module to restrict the number of
> concurrent connections per ip address. An interesting use case would be
> to use some token in the URL (for example a GET parameter or a part of
> the requested path) instead of the ip address as the limit_zone
> $variable mentioned in the wiki:
> http://wiki.codemongers.com/NginxHttpLimitZoneModule
>
> For example if I hand out the URL
> http://example.org/file.zip?token={SOME_MD5_SUM} to a client I do not
> want to allow more than one concurrent connection that uses the given
> token. Is this currently possible in nginx? If yes, then which $variable
> do I have to use in the limit_zone directive?
>
> Of course, I would have to verify that the token is one that I have
> given to the client and that it has not been constructed arbitrarily.
> But this can be easily solved with a little PHP and the excellent
> "X-Accel-Redirect" header that nginx supports.
>
> Kind regards
> Steffen Weber






More information about the nginx mailing list