limit_req with IP whitelisting
Maxim Dounin
mdounin at mdounin.ru
Wed Jul 6 23:09:32 MSD 2011
Hello!
On Wed, Jul 06, 2011 at 02:43:52PM -0400, LeMaitre wrote:
> Hello Maxim,
>
> I have tried and I got error 403.
>
> http {
> ...
> geo $nolimit {
> default 0;
> 10.0.0.0/24 1; # my network
> 192.168.0/24 1; #my network
> }
> limit_req_zone $binary_remote_addr zone=ratezone:10m rate=5r/s;
> ...
>
> server {
> location / {
> error_page 418 = @nolimit;
> if ($nolimit) {
> return 418;
> }
> limit_req zone=ratezone burst=10 nodelay;
> index.html index.php;
Just a side note: this doesn't looks like correct config, probably
"index" directive was missed somewhere.
> if (!-f $request_filename) {
> rewrite ^/(.*)$ /index.php last;
> }
> }
>
> location @nolimit {
> }
You have to replicate your normal config in the "location
@nolimit". Most likely you've got 403 due to no index defined
here.
> ...
> }
Note well that if you have other locations, you may want to limit
them too (in a similar fashion).
Maxim Dounin
More information about the nginx
mailing list