Welcome! Log In Create A New Profile

Advanced

Re: HTTP status 429 instead of 503 on throttled requests

Previous Message Next Message
Forum List Message List New Topic Print View
Maxim Dounin
February 17, 2021 02:28PM
Hello!

On Wed, Feb 17, 2021 at 06:56:36PM +0000, Kaisersberger, Klaus wrote:

> Hi there
>
> nginx responds with 503 for requests discarded due to throttling (https://www.nginx.com/blog/rate-limiting-nginx/).
> This seems to contradict https://tools.ietf.org/rfc/rfc6585.txt, that recommends 429 (Too Many Requests) instead.
>
> Should nginx be adjusted?

There are no such plans, in particular, because it is generally a
bad idea to report to an attacker that the attack was detected and
being mitigated.

If you think that in your particular case returning 429 is a good
idea, you can adjust your configuration by using the
limit_req_status directive (http://nginx.org/r/limit_req_status).

--
Maxim Dounin
http://mdounin.ru/
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel
Reply Quote
RSS
Subject Author Views Posted

HTTP status 429 instead of 503 on throttled requests

Kaisersberger, Klaus 274 February 17, 2021 01:58PM

Re: HTTP status 429 instead of 503 on throttled requests

Maxim Dounin 105 February 17, 2021 02:28PM

RE: HTTP status 429 instead of 503 on throttled requests

Kaisersberger, Klaus 165 February 17, 2021 02:38PM



Sorry, you do not have permission to post/reply in this forum.

Online Users

Guests: 190
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready