rate limit with good bot IPs whitelisted
Oleksandr V. Typlyns'kyi
wangsamp at gmail.com
Sat Nov 22 19:58:45 UTC 2014
Today Nov 22, 2014 at 09:42 neubyr wrote:
> > It will not work as you expect.
> > Geo does not support variables in values.
> > You need something like this:
> > geo $whitelist {
> > default 0;
> > 127.0.0.1 1;
> > ...
> > }
> > map $whitelist $rate_limit_ip {
> > default $binary_remote_addr;
> > 1 "";
> > }
> >
> >
> I am not sure how, but it's working only with geo defining IP addresses. I
> can see HTTP 503 on client side and also 'limiting requests, excess: 10.033
> by zone' in error logs. Nginx version: nginx/1.6.0
>
> geo $rate_limit_ip {
> default $binary_remote_addr;
> 127.0.0.1 1;
> 10.0.0.0/8 1;
> }
You define key "$binary_remote_addr"(string, not variable) and clients
share one limit for all.
> I was wondering if remote ip's hostname lookup can be done before
> rate-limiting it. For example, I don't want to block IPs coming from
> baidu.com. Can I do such IP-hostname lookup before rate-limiting? Will it
> efficient or what are other options?
Nginx does not lookup remote hostnames at all.
--
WNGS-RIPE
More information about the nginx
mailing list