Welcome! Log In Create A New Profile

Advanced

need help with throttling IP's using rewrite from rate-limited named location

Posted by hwhw 
need help with throttling IP's using rewrite from rate-limited named location
June 28, 2012 09:50PM
Hey guys. I'm trying to rate-limit certain ip addresses using limit_req_zone and rewrites, as below:

http {
...
geo $limitMe {
default 0;
00.000.000.000 1; #some bad IP i want to limit
}

limit_req_zone $binary_remote_addr zone=limited:10m rate=20r/m; #define the limited zone to be 20r/m max

server {
server_name foo.com;
listen 80;

error_page 404 = @limitZone; # if the ip address is the bad address, go to the @limitZone named location
if ($limitMe) {
return 404;
}

location / {
root /some/folder/;
}

location @limitZone { #this location is just supposed to rate-limit requests, but then redirect them to their original intended location
limit_req zone=limited burst=10 nodelay;
rewrite ^ $uri last;
}
}
}

The problem is that the limit_req zone seems to no longer apply when I do the rewrite from @limitZone. I can send way more than 20 request per second at the bad ip (i set it to be my own ip for testing)
- requests from the bad IP gets directed to @limitZone as expected
- if @limitZone is a copy of location / ("root /some/folder/;" instead of "rewrite ^ $uri last") EVERYTHING WORKS FINE, RATE LIMIT TAKES EFFECT

so there's something with my rewrite statement, or the limit_req_zone is somehow incompatible with redirections? Any help will be appreciated, I've been stuck on this for hours
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 237
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 500 on July 15, 2024
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready