Limit_conn with zones -- safe production server value?

pk899 nginx-forum at
Sun May 29 20:07:56 MSD 2011

Hi. I am trying to replicate the functionality of mod_evasive on Apache,
which basically says that at the same point the same IP can have only "X
connections per second". 

I see the example here:

But this uses "binary_remote_addr". How does this cater for shared IPs,
where people in the same network may actually have the same remote addr.

Can I therefore use some other variable, such as a combination of
"binary_remote_addr" and their "http_user_agent"? 

What is the most often used value in production environments? 


Posted at Nginx Forum:,202012,202012#msg-202012

More information about the nginx mailing list