Welcome! Log In Create A New Profile

Advanced

Re: Patch proposal: allow alternatives to 503 status code in limit_req module

Maxim Dounin
March 02, 2013 06:16PM
Hello!

On Fri, Mar 01, 2013 at 09:23:08PM -0500, Nick Marden wrote:

> Hey there,
>
> I've been doing some work using limit_req to prevent overzealous clients
> from DOS'ing my site. Specifically, I wanted to use a different HTTP status
> code such as 420 or 429 so that it would be straightforward to show a "hey
> man, chill out" page rather than my generic 503 error page.
>
> Attached is a patch that enables this option for the limit_req directive.
> It still defaults to 503, but you can set it to any 4xx or 5xx value of
> your choosing by specifying
>
> limit_req zone=foo burst=10 status_code=420;
>
> for example.

I don't think this should be per-limit settings, for the following
reasons in no particular order:

- This makes things complicated in case of multiple limits used.
Current concept is to pass a request if it satisfies all limits
configured. If at least one limit reached - request is rejected
(and nothing else happens). With such aproach limit check order
isn't significant. Introducing per-limit status code will make
check order significant.

- There is no way to easily set default code server-wide.

I think it should be separate directive to set status, something
like

limit_req_status 429;

Additionally, there should be limit_conn counterpart,

limit_conn_status 429;

> I hope I've sent this to the right place. Please let me know where else to
> send it if I'm in the wrong place.

It's the right place.

--
Maxim Dounin
http://nginx.org/en/donation.html

_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel
Subject Author Views Posted

Patch proposal: allow alternatives to 503 status code in limit_req module Attachments

Nick Marden 912 March 01, 2013 09:24PM

Re: Patch proposal: allow alternatives to 503 status code in limit_req module

Maxim Dounin 390 March 02, 2013 06:16PM

Re: Patch proposal: allow alternatives to 503 status code in limit_req module Attachments

Nick Marden 460 March 05, 2013 01:30PM

Re: Patch proposal: allow alternatives to 503 status code in limit_req module

Maxim Dounin 379 March 18, 2013 10:52AM



Sorry, you do not have permission to post/reply in this forum.

Online Users

Guests: 209
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 500 on July 15, 2024
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready