I am trying to limit connections and requests per IP then add a whitelist for search bots to be excluded from this limits. This can be done using HttpLimitConnModule as I described on this [url=http://gadelkareem.com/2012/03/25/limit-requests-per-ip-on-nginx-using-httplimitzonemodule-and-httplimitreqmodule-except-whitelist/]post[/url]. as following
------------------------
http{
geo $notabot {
default 1;
#google
64.233.160.0/19 0;
65.52.0.0/14 0;
66.102.0.0/20 0;
66.249.64.0/19 0;
72.14.192.0/18 0;
74.125.0.0/16 0;
209.85.128.0/17 0;
216.239.32.0/19 0;
#M$
64.4.0.0/18 0;
157.60.0.0/16 0;
157.54.0.0/15 0;
157.56.0.0/14 0;
207.46.0.0/16 0;
207.68.192.0/20 0;
207.68.128.0/18 0;
#yahoo
8.12.144.0/24 0;
66.196.64.0/18 0;
66.228.160.0/19 0;
67.195.0.0/16 0;
74.6.0.0/16 0;
68.142.192.0/18 0;
72.30.0.0/16 0;
209.191.64.0/18 0;
#My IPs
127.0.0.1/32 0;
123.456.0.0/28 0; #example for your server CIDR
}
limit_req_zone $binary_remote_addr zone=notabot:5m rate=200r/s;
limit_req zone=notabot burst=200 nodelay;
-------------------
However, when I add the same zone "notabot" to HttpLimitConnModule as following
-------------------
limit_conn_zone $binary_remote_addr zone=notabot:5m;
limit_conn_log_level notice;
limit_conn notabot 20;
--------------------
Nginx produces configuration error :
-------------
nginx: [emerg] the shared memory zone "notabot" is already declared for a different use in /server/nginx.conf:116
----------------
The only way for this to work is to add "notabot" zone again with another name. Is there a way to share a zone between 2 modules?
--------------
http://gadelkareem.com/