Rate Limit not applied when mapping $upstream_http_ headers

Markus Grobelin grobi at koppzu.de
Fri Oct 1 08:47:01 UTC 2021

Hy everybody, 

I have a reverse-proxy setup with an upstream application that sets a header (x_tenant_id). 

Based on that headers value, I want to apply a rate limit to clients. 

I verified the rate limit applies* properly, when a usual request header (e.g. $http_x_tenant_id) is mapped. However the config below does not map $upstream_http_x_tenant_id** at all. 

Any advice how to achieve rate limiting using such $upstream_http_ headers? 

Thanks in advance, 

* siege -c 10 -t5S -H 'x-tenant-id: 503' <someurl> 

upstream myupstream { 

# does not work 
map $upstream_http_x_tenant_id $limit_key { 
123 $binary_remote_addr; 
503 $binary_remote_addr; 
default ""; 

server { 
location / { 
# Rate limiting for some tenants 
limit_req zone=limit_key; 
limit_req_status 444; 
uwsgi_read_timeout 300s; 
uwsgi_send_timeout 300s; 
uwsgi_pass myupstream; 
include /etc/nginx/uwsgi_params; 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20211001/7306ea74/attachment.htm>

More information about the nginx mailing list