Limit number of connections to server

Payam Chychi pchychi at gmail.com
Wed Apr 5 01:55:19 UTC 2017


You can also use ulimit but simple iptable/ipfw/pf will do the job


On Tue, Apr 4, 2017 at 3:13 PM <lists at lazygranch.com> wrote:

> You would probably want to also limit the number of connections per IP
> address, else one IP could lock up the entire site.
>
>
>   Original Message
> From: Valentin V. Bartenev
> Sent: Tuesday, April 4, 2017 1:58 PM
> To: nginx at nginx.org
> Reply To: nginx at nginx.org
> Subject: Re: Limit number of connections to server
>
> On Tuesday 04 April 2017 17:22:58 Kamil Gorlo wrote:
> > Hi,
> >
> > is there a way to limit total number of open connections per listening
> port
> > in Nginx? I know that there is limit_conn module but as far as I
> understand
> > it only works on "request" layer, which means connections are counted
> only
> > when request headers have been already read.
> >
> > I have problem when number of SSL connections to my server is very high
> > (CPU is 100% and server becomes unresponsive), and I would like to "cut"
> > new connections after some defined threshold is exceeded. It would
> possibly
> > save some CPU cycles needed to handle SSL handshake, etc.
> >
> > Is it possible?
> >
>
> You should use system firewall. Most of *nix systems have one out of the
> box.
>
> wbr, Valentin V. Bartenev
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
-- 
Payam Tarverdyan Chychi
Network Security Specialist / Network Engineer
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20170405/0371e841/attachment.html>


More information about the nginx mailing list