Rate Limiting with 'Timeouts' for Abusers

Mirosław Jaworski mjaw at ikp.pl
Tue May 11 13:37:22 MSD 2010


On Tue, 2010-05-11 at 04:48 -0400, Michael Gorsuch wrote:
> I'm using Nginx for a new project, and am already very impressed by
> the rate limiting features.  Thank you!
> 
> However, there is one stakeholder who is insistent that abusers
> (defined as those that are exceeding the set rate) be put into a 60
> second timeout in which we display 503's.  It's the 60 second part
> that I'm having trouble with - is that possible with the current
> feature set?

You can use your packet filter to trap those who exceed certain
parameters and redirect incoming traffic from those qualified to
different port which nginx will also listen on and serve 503's
there.

-- 
Mirosław "Psyborg" Jaworski
GCS/IT d- s+:+ a C++$ UBI++++$ P+++$ L- E--- W++(+++)$ N++ o+ K- w-- O-
M- V- PS+ PE++ Y+ PGP t 5? X+ R++ !tv b++(+++) DI++ D+ G e* h++ r+++ y?
                    "To err is human, to arrrr is pirate."




More information about the nginx mailing list