Rate Limiting with 'Timeouts' for Abusers

Michael Gorsuch michael.gorsuch at gmail.com
Tue May 11 12:48:44 MSD 2010


I'm using Nginx for a new project, and am already very impressed by
the rate limiting features.  Thank you!

However, there is one stakeholder who is insistent that abusers
(defined as those that are exceeding the set rate) be put into a 60
second timeout in which we display 503's.  It's the 60 second part
that I'm having trouble with - is that possible with the current
feature set?

I was doing my testing with a rate setting of 5 req/s and a burst of
5.  Obviously the 503's appear after the burst has been depleted, but
they go away more or less immediately once the user begins behaving

All the Best,

Michael Gorsuch

More information about the nginx mailing list