limit-req and greedy UAs

Grant emailgrant at gmail.com
Sun Sep 11 12:29:56 UTC 2016


> What looks to me to be a real resource hog that quite frankly you cant do much about are download managers. They open up multiple connections, but the rate limits apply to each individual connection. (this is why you want to limit the number of connections.)


Does this mean an attacker (for example) could get around rate limits
by opening a new connection for each request?  How are the number of
connections limited?

- Grant



More information about the nginx mailing list