some sort of attack?

Praveen Yarlagadda praveen.yarlagadda at gmail.com
Sat Mar 16 19:37:52 UTC 2013


Thanks a lot, Jonathan and Francis!

It works great. I am able to significantly reduce the load. Here is my
final configuration:

*    limit_req_zone $binary_remote_addr zone=ratezone:10m rate=3r/s;*
*    server  {*
*      listen  80;*
*      server_name www.example.com;*
*
*
*      location / {*
*            limit_req zone=ratezone burst=5 nodelay;*
*            proxy_pass      http://appservers;*
*      }*
*    }*
*
*
*    server {*
*        listen 80;*
*        server_name ~.*;*
*        location / {*
*          access_log off;*
*          return 503;*
*        }*
*    }*

-Praveen


On Sat, Mar 16, 2013 at 3:38 AM, Francis Daly <francis at daoine.org> wrote:

> On Sat, Mar 16, 2013 at 02:34:32AM -0700, Praveen Yarlagadda wrote:
>
> Hi there,
>
> > I installed nginx on an EC2 instance.
>
> > Another weird thing is GET
> > requests are starting with *"http://". *I never saw it before. Is there
> any
> > way I can filter requests or possibly throw 503?
>
> These might be innocent requests from browsers configured to use your IP
> address as a proxy server. (Maybe there was a proxy server on a previous
> instance that used your current address?)
>
> I suggest making your current server{} blocks list all of the
> server_name:s that you want to handle, and then let the default
> server{} block handle these other requests, with "return 503" or any
> other configuration you like.
>
> See http://nginx.org/r/listen and http://nginx.org/r/server_name for how
> to configure server names and the default server for a given address:port.
>
>         f
>
> --
> Francis Daly        francis at daoine.org
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20130316/3f625e03/attachment.html>


More information about the nginx mailing list