[nginx] Using User-Agent & IP address to rate limit
B.R.
reallfqq-nginx at yahoo.fr
Mon Jul 28 16:16:27 UTC 2014
On Mon, Jul 28, 2014 at 5:35 PM, lorenanicole <nginx-forum at nginx.us> wrote:
> The concern here is if there is a way to redirect the rewritten uri without
> having to break out and start processing the request again (argument last)?
> Additionally, is the setting of zone's using the IP address as the key the
> proper way to control these different rate limiting and burst thresholds?
>
I am no expert, but in my own eyes, I would have avoided using:
1°) A series of 'if' which behavior might be clumsy
2°) Redirections which kind of 'cut the flow'
What I would have done:
1°) Defining all the log_format stuff at the http level: the sooner, the
better
2°) Replacing the if series with a map (also in http) like the following:
map $http_user_agent $language {
Java/* java
...
"" etc
default none
}
3°) Using the output of the first map as the input of two others to define
zone and burst amount, like:
map $language $zone {
java one
}
map $language $burst {
java 140
}
4°) Processing all the requests in the default location :
location / {
root html;
index index.html;
if($language != none) {
limit_req zone=$zone burst=$burst;
access_log /var/log/nginx/access.log $language;
proxy_pass https://example.com;
}
...
}
All that is not error-proof, coming straight outta my mind with no
testing... but you get the general idea.
---
*B. R.*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20140728/3d7f03e7/attachment.html>
More information about the nginx
mailing list