Apply nginx rate limits to certain IP addresses, and another rate limit to others
stuwat
nginx-forum at forum.nginx.org
Mon Oct 30 13:46:13 UTC 2017
In our Nginx config we currently have this:-
limit_req_zone $binary_remote_addr zone=two:10m rate=15r/m;
limit_req zone=two burst=5 nodelay;
Now we want to change this so that this rate limit applies to certain IP
addresses, and then have another rate limit that applies to others that is
slightly less restrictive.
geo $limited_net {
default 0;
111.222.333.444 1;
}
map $limited_net $addr_to_limit {
0 "";
1 $binary_remote_addr;
}
limit_req_zone $addr_to_limit zone=two:10m rate=15r/m;
geo $less_limited_net {
default 1;
111.222.333.444 0;
}
map $less_limited_net $addr_to_limit_less {
0 "";
1 $binary_remote_addr;
}
limit_req_zone $addr_to_limit_less zone=three:10m rate=25r/m;
So the traffic from the IP 111.222.333.444 will be affected by the rate 1st
more restrictive rate limit, and not by the second less restrictive one.
Does this give me what I want?
Posted at Nginx Forum: https://forum.nginx.org/read.php?2,277126,277126#msg-277126
More information about the nginx
mailing list