Welcome! Log In Create A New Profile

Re: whitelist 'notabot' not working in limit_conn

Forum List Message List New Topic Print View

Maxim Dounin

August 04, 2014 11:08AM

Hello!

On Sun, Aug 03, 2014 at 01:28:45PM -0600, Alex Flex wrote:

> Iam trying to whitelist some IPs in the geo #connlimit1 so that the
> limit_conn doesnt apply to it. For some reason its not working... those ips
> are always being limited. I must be doing something obviously wrong guidance
> appreciated.
>
>
> Alex
>
>
> server {
>
> geo $connlimit1 {
> default 1;
> #whitelist client
> 21.199.62.74/32 0;
> 5.97.162.77/32 0;
> }
> limit_conn_zone $binary_remote_addr zone=connlimit1:10m;
> }
>
> http {
> location / { limit_conn connlimit1 8; ....; }
> }

There are no whitelisting in your configuration. The
limit_conn_zone directive uses the $binary_remote_addr variable,
which is always set. To whitelist some ips, you have to use a
variable which is empty for whitelisted addresses (empty values
are not accounted, see http://nginx.org/r/limit_conn_zone).

Example:

geo $whitelist {
default 0;
127.0.0.1 1;
}

map $whitelist $limit {
0 $binary_remote_address;
1 "";
}

limit_conn_zone $limit zone=connlimit:10m;
limit_conn connlimit 8;

--
Maxim Dounin
http://nginx.org/

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Reply Quote

RSS

Subject	Author	Posted
whitelist 'notabot' not working in limit_conn	Alex Flex	August 03, 2014 03:30PM
Re: whitelist 'notabot' not working in limit_conn	Maxim Dounin	August 04, 2014 11:08AM

Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 212

Record Number of Users: 8 on April 13, 2023

Record Number of Guests: 421 on December 02, 2018