How to limit POST request per ip ?
Maxim Dounin
mdounin at mdounin.ru
Sat Apr 5 22:07:55 UTC 2014
Hello!
On Sat, Apr 05, 2014 at 07:54:21AM -0400, justcyber wrote:
> How to limit POST request per ip ?
>
> Need some of:
>
> limit_except POST {
Just a side note: "limit_except POST" means the opposite to what
you ask above.
> limit_req zone=postlimit burst=10 nodelay;
> }
It is possible to limit only subset of requests by using
the fact that limit_req doesn't limit anything if it's
variable evaluates to an empty string, see
http://nginx.org/r/limit_req_zone.
That is, instead of
limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s;
we need something like
limit_req_zone $limit zone=one:10m rate=1r/s;
where the $limit variables is empty for non-POST requests (as we
don't want to limit them), and evaluates to $binary_remote_addr
for POST requests. Such a variable can be easily constructed
using the map module (see http://nginx.org/r/map):
map $request_method $limit {
default "";
POST $binary_remote_addr;
}
--
Maxim Dounin
http://nginx.org/
More information about the nginx
mailing list