Throttle requests with limit_req rate based on header from response to auth subrequest

jarstewa nginx-forum at
Thu Aug 30 16:53:47 UTC 2018

Francis Daly Wrote:
> On Wed, Aug 29, 2018 at 07:14:01PM -0400, jarstewa wrote:
> Hi there,
> I do not know the answer, and I have not tested the code you provided.
> But, one suggestion which might be quick for you to test:
> what happens if you change all of your variable names so that they do
> not start with a digit?
> As in: rename $2X_key to be (for example) $a2X_key.
> It is possible that "$2X_key" will be expanded as "X_key" when $2 has
> no value.

Thanks for the suggestion.  I modified my example to have names likes
$key_two rather than $2X_key and I do see the same behavior.

> If the first limit_req_zone argument is true in each case, the lowest
> rates is
> on the first one, so that is the one that will always take effect.

Hm, it seems to me that the first limit_req_zone argument is "", based on
the value of the variable that I see in the logs, so I don't know why that
limit is taking effect.

Posted at Nginx Forum:,281034,281049#msg-281049

More information about the nginx mailing list