Welcome! Log In Create A New Profile

Advanced

Re: Nginx Rate limiting for HTTPS requests

May 20, 2018 02:48PM
Rate limiting is a useful but crude tool that should only be one if four or five different things you do to protect your backend:

1 browser caching
2 cDN
3 rate limiting
4 nginx caching reverse proxy

What are your requests? Are they static content or proxied to a back end?
Do users login?
Is it valid for dynamic content built for one user to be returned to another?

Sent from my iPhone

On May 20, 2018, at 4:24 AM, rickGsp <nginx-forum@forum.nginx.org> wrote:

>>> As I tried to explain in my previous message, "test runs for 60
>>> seconds" can have two different meanings: 1) the load is generated
>>> for 60 seconds and 2) from first request started to the last
>>> request finished it takes 60 seconds.
>
>>> Make sure you are using the correct meaning. Also, it might
>>> be a good idea to look into nginx access logs to verify both time
>>> and numbers reported by your tool.
>
> Yes Maxim, I had understood your point. My test actually ran for 60 to 65
> seconds which means it took 5 additional seconds to process the requests.
> Even access logs says the same. Also, on more powerful machine, I get
> expected result for the same test i.e 500 req/sec load but start seeing
> difference at relatively higher load.It seems to me that a results also
> depends on the resources available on the machine running Nginx.
> Surprisingly, CPU was not hitting the peak on both the machines.I am using
> CentOS systems for this testings.
>
> Actually in another test with plain HTTP requests, I observed the same issue
> of more requests than expected getting processed. However, for HTTP case,
> this behaviour appeared at 700 req/sec input load instead of 500 req/sec as
> in HTTPS. In this test requests got processed within 60 secs.
>
> With all the test results, I am being forced to think that Nginx rate
> limiting may not be able to stop DDoS attack with very high input load but
> is decent enough to handle sudden spikes and load which is slightly higher
> than configured rate limit, and computing power available also plays some
> role here. Do you think I am right?
>
> Posted at Nginx Forum: https://forum.nginx.org/read.php?2,279802,279874#msg-279874
>
> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Subject Author Posted

Nginx Rate limiting for HTTPS requests

rickGsp May 15, 2018 12:20PM

Re: Nginx Rate limiting for HTTPS requests

Maxim Dounin May 15, 2018 01:58PM

Re: Nginx Rate limiting for HTTPS requests

rickGsp May 16, 2018 05:00AM

Re: Nginx Rate limiting for HTTPS requests

Maxim Dounin May 16, 2018 09:28AM

Re: Nginx Rate limiting for HTTPS requests

rickGsp May 20, 2018 04:24AM

Re: Nginx Rate limiting for HTTPS requests

pbooth May 20, 2018 02:48PM

Re: Nginx Rate limiting for HTTPS requests

pbooth May 20, 2018 02:54PM

Re: Nginx Rate limiting for HTTPS requests

rickGsp May 21, 2018 01:09AM

Re: Nginx Rate limiting for HTTPS requests

Maxim Dounin May 21, 2018 08:14AM

Re: Nginx Rate limiting for HTTPS requests

rickGsp May 21, 2018 09:55AM

Re: Nginx Rate limiting for HTTPS requests

Maxim Dounin May 21, 2018 12:46PM

Re: Nginx Rate limiting for HTTPS requests

rickGsp May 22, 2018 12:37PM

Re: Nginx Rate limiting for HTTPS requests

Maxim Dounin May 22, 2018 02:02PM

Re: Nginx Rate limiting for HTTPS requests

rickGsp May 23, 2018 12:58AM

Re: Nginx Rate limiting for HTTPS requests

Maxim Dounin May 23, 2018 03:36PM

Re: Nginx Rate limiting for HTTPS requests

rickGsp May 25, 2018 01:56PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 77
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready