limit_req and IP white listing on 0.8.55
nauger
nginx-forum at nginx.us
Tue Apr 30 23:25:22 UTC 2013
Hello!
I've followed this reference:
http://forum.nginx.org/read.php?2,228956,228961#msg-228961
To produce the following config:
http {
geo $public_vs_our_networks {
default 1;
127.0.0.1/32 0;
... my networks ...
}
map $public_vs_our_networks $limit_public {
1 $binary_remote_addr;
0 "";
}
limit_req_zone $limit_public zone=public_facing_network:10m
rate=40r/m;
...
server {
...
location / {
...
limit_req zone=public_facing_network burst=5
nodelay;
...
proxy_pass http://my_upstream;
}
}
}
Unfortunately-- my error logs quickly filled up with clients who were
incorrectly rate limited. It was as if this configuration created 1 bucket
for ALL the public facing clients, as opposed to individually bucketing each
public client by their $binary_remote_addr. Please advise on what I might
be missing.
Thanks for your help!
-Nick
Posted at Nginx Forum: http://forum.nginx.org/read.php?2,238757,238757#msg-238757
More information about the nginx
mailing list