In our Nginx config we currently have this:-
limit_req_zone $binary_remote_addr zone=two:10m rate=15r/m;
limit_req zone=two burst=5 nodelay;
Now we want to change this so that this rate limit applies to certain IP addresses, and then have another rate limit that applies to others that is slightly less restrictive.
geo $limited_net {
default 0;
111.222.333.444 1;
}
map $limited_net $addr_to_limit {
0 "";
1 $binary_remote_addr;
}
limit_req_zone $addr_to_limit zone=two:10m rate=15r/m;
geo $less_limited_net {
default 1;
111.222.333.444 0;
}
map $less_limited_net $addr_to_limit_less {
0 "";
1 $binary_remote_addr;
}
limit_req_zone $addr_to_limit_less zone=three:10m rate=25r/m;
So the traffic from the IP 111.222.333.444 will be affected by the rate 1st more restrictive rate limit, and not by the second less restrictive one.
Does this give me what I want?