Let's say that we have two virtual hosts serving two domains: blog.com and store.com. Let's suppose that we need to apply the following limits:
- blog.com: no more than 5 connections per ip, and no more than 50 total connections to the virtual host
- store.com: no more than 10 connections per ip, and no more than 100 connections to the virtual host.
Considering that. Which would be the correct aproach?
## ---------------- Approach 1 ---------------- ##
http {
limit_conn_zone $binary_remote_addr zone=conn_per_ip:5m;
limit_conn_zone $server_name zone=conn_per_server:5m;
server {
server_name blog.com;
limit_conn conn_per_ip 5;
limit_conn conn_per_server 50;
...
}
server {
server_name store.com;
limit_conn conn_per_ip 10;
limit_conn conn_per_server 100;
...
}
...
}
## ---------------- Approach 2 ---------------- ##
http {
limit_conn_zone $binary_remote_addr zone=blog_conn_per_ip:5m;
limit_conn_zone $server_name zone=blog_conn_per_server:5m;
server {
server_name blog.com;
limit_conn blog_conn_per_ip 5;
limit_conn blog_conn_per_server 50;
...
}
limit_conn_zone $binary_remote_addr zone=store_conn_per_ip:5m;
limit_conn_zone $server_name zone=store_conn_per_server:5m;
server {
server_name store.com;
limit_conn store_conn_per_ip 10;
limit_conn store_conn_per_server 100;
...
}
...
}
Notice that in the first approach only two memory shared zones are declared, while in the second approach, four of them are declared.
I appreciate any clarification on this! Thanks in advance.