Any way to deal with clients breaking the limit zone

Maxim Dounin mdounin at mdounin.ru
Fri Jan 13 10:37:08 UTC 2012


Hello!

On Fri, Jan 13, 2012 at 01:55:38AM -0500, locojohn wrote:

> Hello Maxim,
> 
> I am surely aware of how server requests are matched in nginx.   Thanks
> for the info though.
> 
> The thing is, I have multiple virtual hosts configured all with
> server_name defined, of course.   Then there's default fallback server
> configured as this:
> 
> # default fallback server
>         server {
>                 listen 80 default_server;
>                 server_name  _;
>                 return       444;
>         }
> 
> After reading your reply I went to check my error logs and the strange
> thing is that error messages go both into one of my virtual host
> server's error log with correct data (remote address, server name,
> etc.), but also go to nginx default (?) error_log with entries that I
> reported?   How come, if the virtual host server being accessed using
> the slowhttptest program is clearly "testsite" with its own error_log,
> yet the connection limit error message is reported in two error logs?
> 
> slowhttptest -c 1000 -r 1000 -X -u http://testsite
> 
> results:
> 
> /var/log/nginx/testsite/error_log:
> 
> 2012/01/12 18:10:34 [error] 10508#0: *15985 limiting connections by zone
> "addr", client: 217.24.78.177, server: testsite, request: "GET /
> HTTP/1.1", host: "devel.ahlerstoday.com", referrer:
> "http://code.google.com/p/slowhttptest/"
> 2012/01/12 18:10:35 [error] 10508#0: *15989 limiting connections by zone
> "addr", client: 217.24.78.177, server: testsite, request: "GET /
> HTTP/1.1", host: "devel.ahlerstoday.com", referrer:
> "http://code.google.com/p/slowhttptest/"

Note HTTP/1.1.  It's likely to be the original request.

> 
> /var/log/nginx/error_log:
> 
> 2012/01/12 18:10:34 [error] 10509#0: *12134 limiting connections by zone
> "addr", client: 127.0.0.1, server: , request: "GET / HTTP/1.0", host:
> "testsite", referrer: "http://code.google.com/p/slowhttptest/"
> 2012/01/12 18:10:35 [error] 10509#0: *12136 limiting connections by zone
> "addr", client: 127.0.0.1, server: , request: "GET / HTTP/1.0", host:
> "testsite", referrer: "http://code.google.com/p/slowhttptest/"

Note HTTP/1.0 here.  It looks like requests here appear after 
proxy_pass to 127.0.0.1 in your original "testsite" server.

The fact the request isn't matched to the same testsite server
suggests that things happen on a different socket, i.e. you use
the listen directive in the server block in question (the one without
server_name) either on a different port or explicitly on 127.0.0.1.

> Could it have anything to do with the fact that limit_zone and
> limit_conn are defined on http level?   Yet, I think the behaviour is
> not fully correct.

Behaviour seems correct to me.

Maxim Dounin
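
An added example (not part of the original message, and not nginx project code): a small Python triage script that separates limit_conn rejections logged for external clients from those logged for the loopback proxy hop, following the reading of the two log excerpts given above. The sample log lines are constructed, with a documentation-range client address and a hypothetical host name, and the comment about shared keys assumes the zone is keyed on the client address.

```python
import ipaddress
import re
from collections import Counter

# Matches nginx error_log entries produced when limit_conn rejects a request.
LIMIT_RE = re.compile(
    r'limiting connections by zone "(?P<zone>[^"]+)", '
    r'client: (?P<client>[^,]+), server: (?P<server>[^,]*), '
    r'request: "\S+ \S+ (?P<proto>HTTP/[\d.]+)"'
)

# Constructed sample (not real traffic): long lines unwrapped, client taken
# from a documentation range, host name hypothetical.
SAMPLE_LOG = '''\
2012/01/12 18:10:34 [error] 10508#0: *15985 limiting connections by zone "addr", client: 203.0.113.7, server: testsite, request: "GET / HTTP/1.1", host: "testsite.example"
2012/01/12 18:10:34 [error] 10509#0: *12134 limiting connections by zone "addr", client: 127.0.0.1, server: , request: "GET / HTTP/1.0", host: "testsite"
2012/01/12 18:10:35 [error] 10508#0: *15989 limiting connections by zone "addr", client: 203.0.113.7, server: testsite, request: "GET / HTTP/1.1", host: "testsite.example"
2012/01/12 18:10:35 [error] 10509#0: *12136 limiting connections by zone "addr", client: 127.0.0.1, server: , request: "GET / HTTP/1.0", host: "testsite"
2012/01/12 18:10:36 [error] 10508#0: *15990 open() "/srv/www/favicon.ico" failed (2: No such file or directory), client: 203.0.113.7, server: testsite, request: "GET /favicon.ico HTTP/1.1", host: "testsite.example"
'''

def classify(line):
    """Return (hop, zone, client, server, proto) for a limit_conn rejection, else None."""
    m = LIMIT_RE.search(line)
    if m is None:
        return None
    try:
        loopback = ipaddress.ip_address(m["client"]).is_loopback
    except ValueError:  # e.g. "unix:" when the listener is a UNIX socket
        loopback = False
    # Loopback client: the rejected connection came from nginx's own proxy_pass
    # hop. Assumption: if the zone is keyed on the client address, all proxied
    # requests share that single key.
    hop = "proxy-hop" if loopback else "external"
    return hop, m["zone"], m["client"], m["server"] or "(none)", m["proto"]

def summarize(log_text):
    """Count limit_conn rejections per (hop, zone, client, server, proto)."""
    records = (classify(line) for line in log_text.splitlines())
    return Counter(r for r in records if r is not None)

if __name__ == "__main__":
    for key, n in sorted(summarize(SAMPLE_LOG).items()):
        print(n, *key)
```

Entries reported as `proxy-hop` with server `(none)` correspond to the second log excerpt: the request was handled by a server block other than the named virtual host, on the socket that receives the proxied connection.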


