Hi. I am trying to replicate the functionality of mod_evasive on Apache, which basically says that at the same point the same IP can have only "X connections per second".
I see the example here:
http://wiki.nginx.org/HttpLimitZoneModule
But this uses "binary_remote_addr". How does this cater for shared IPs, where people in the same network may actually have the same remote addr.
Can I therefore use some other variable, such as a combination of "binary_remote_addr" and their "http_user_agent"?
What is the most often used value in production environments?
Thanks!