Welcome! Log In Create A New Profile

Re: limit_req with IP whitelisting

Forum List Message List New Topic Print View

LeMaitre

July 06, 2011 02:43PM

Registered: 12 years ago
Posts: 3

Hello Maxim,

I have tried and I got error 403.

http {
...
geo $nolimit {
default 0;
10.0.0.0/24 1; # my network
192.168.0/24 1; #my network
}
limit_req_zone $binary_remote_addr zone=ratezone:10m rate=5r/s;
...

server {
location / {
error_page 418 = @nolimit;
if ($nolimit) {
return 418;
}
limit_req zone=ratezone burst=10 nodelay;
index.html index.php;
if (!-f $request_filename) {
rewrite ^/(.*)$ /index.php last;
}
}

location @nolimit {
}
...
}

Is it right?

My goal is to block/reduce some DDoS without disturbing the internal subnet network.

P.S: I'm using geoip to redirect some country to a static file but from time to time there's some botnet on the allowed county.

Thanks in advance

Reply Quote

RSS

Subject	Author	Posted
limit_req with IP whitelisting	LeMaitre	July 06, 2011 12:27PM
Re: limit_req with IP whitelisting	Maxim Dounin	July 06, 2011 01:28PM
Re: limit_req with IP whitelisting	LeMaitre	July 06, 2011 02:43PM
Re: limit_req with IP whitelisting	LeMaitre	July 06, 2011 06:39PM
Re: limit_req with IP whitelisting	António P. P. Almeida	July 06, 2011 03:02PM
Re: limit_req with IP whitelisting	Maxim Dounin	July 06, 2011 03:10PM

Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 200

Record Number of Users: 8 on April 13, 2023

Record Number of Guests: 421 on December 02, 2018