exception for NGINX limit_req_zone
fhal
meteor8488 at 163.com
Tue Jul 24 01:25:29 UTC 2012
HI Francis,
Thanks very much for your kindly help.
I testes the configuration as following steps:
1. modify nginx.conf
http {
map $arg_mod $forum_limit {
default $binary_remote_addr;
image '';
}
limit_conn_zone $forum_limit zone=forum_conn:10m;
limit_req_zone $forum_limit zone=forum_req:10m rate=1r/s;
server {
location ~*^/(home|forum|portal).php$ {
root /web/www;
limit_conn forum_conn 5;
limit_req zone=forum_req burst=5 nodelay;
fastcgi_pass unix:/tmp/nginx.socket;
fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
include fastcgi_params;
}
location ~ \.php$ {
root /web/www;
fastcgi_pass unix:/tmp/nginx.socket;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
include fastcgi_params;
}
}
}
2. Then I use webbench to test my website.
First, I test the fourm.php
webbench -c 10000 -t 10 http://www.xxx.com/fourm.php
Then I checked nginx log, I can find that webbench got lots of 503 error, the limit works.
Then I test the exception:
webbench -c -10000 -t 10 http://www.xxx.com/forum.php?mod=image&aid=1294851&size=300x300&key=8cfbb1f976564317288102de4a134345&nocache=yes&type=fixnone
I checked the nginx log, I can find that there are still 503 errors for this access. It means the exception doesn't work.
At 2012-07-23 02:35:27,"Francis Daly" <francis at daoine.org> wrote:
>On Sun, Jul 22, 2012 at 11:05:12PM +0800, fhal wrote:
>
>Hi there,
>
>> Thanks very much for your reply.
>> It still doesn't work.
>
>What, precisely, do you mean by "doesn't work"?
>
>Be specific. (Do you mean "this one is being limited and I don't want
>it to be", or "that one is not being limited and I do want it to be",
>or something different?)
>
>Read my mail again. I included the exact (small) nginx.conf fragment
>used. I included the exact test command. I described what I saw. I
>described what I expected to see.
>
>Can you do the same, just so that I can make sure that I am repeating
>exactly what you did?
>
>> The URL I want to exclude is like
>> /forum.php?mod=image&aid=1289568&size=300x300&key=6831686b88a927b0d9646529f88f5052&nocache=yes&type=fixnone
>> Does it because there are too many parameters, the map is not working?
>
>It still works for me.
>
>for i in $(seq 4); do
> curl -I 'http://127.0.0.1:8000/forum.php?mod=imag&aid=1289568&size=300x300&key=6831686b88a927b0d9646529f88f5052&nocache=yes&type=fixnone'
> sleep 1
>done
>
>(Note: that has mod=imag, and so *should* be limited)
>
>I see 3x HTTP 200 + 1x HTTP 503
>
>for i in $(seq 4); do
> curl -I 'http://127.0.0.1:8000/forum.php?mod=image&aid=1289568&size=300x300&key=6831686b88a927b0d9646529f88f5052&nocache=yes&type=fixnone'
> sleep 1
>done
>
>(Note: that has mod=image, and so *should not* be limited)
>
>I see 4x HTTP 200.
>
>My nginx.conf http section:
>
>===
>http {
> map $arg_mod $forum_limit {
> default $binary_remote_addr;
> image '';
> }
> limit_req_zone $forum_limit zone=refresh:128m rate=1r/m;
>
> include fastcgi.conf;
> server {
> location ~*^/(home|forum|portal).php$ {
> limit_req zone=refresh burst=2 nodelay;
> fastcgi_pass unix:php.sock;
> }
> }
>}
>===
>
> f
>--
>Francis Daly francis at daoine.org
>
>_______________________________________________
>nginx mailing list
>nginx at nginx.org
>http://mailman.nginx.org/mailman/listinfo/nginx
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120724/11d49e57/attachment-0001.html>
More information about the nginx
mailing list