Protection against massiv requests from single server / ip

Alexander Kunz adk1601 at
Mon Feb 1 19:30:55 MSK 2010

Hello Jim,

thanks for your help. I am right that HttpLimitReq and HttpLimitZone is a per user limit? Every client (ip) get this limit and not all client together?

Is $binary_remote_addr the right value if my nginx is behind haproxy? Or must i use something like X-Real-IP, i am not sure how i can debug what $binary_remote_addr includes behind haproxy, perhaps it is the haproxy ip and not the clients ip address?

Kind regards

-------- Original-Nachricht --------
> Datum: Sun, 31 Jan 2010 02:46:32 -0500
> Von: Jim Ohlstein <jim at>
> An: nginx at
> Betreff: Re: Protection against massiv requests from single server / ip

> On 1/31/10 2:36 AM, adk1601 at wrote:
> > Hello Nginx community,
> >
> > what is the best way protecting my nginx webserver against massiv
> request from single server/ips? I made some tests with openload and see one
> server with openload can fill the whole 100Mbit connection to my server.
> >
> These should do the trick for you.
> -- 
> Jim Ohlstein
> _______________________________________________
> nginx mailing list
> nginx at

GRATIS für alle GMX-Mitglieder: Die maxdome Movie-FLAT!
Jetzt freischalten unter

More information about the nginx mailing list