RE: HTTP status 429 instead of 503 on throttled requests

Kaisersberger, Klaus
February 17, 2021 02:38PM
Hello!

While I am still not sure if it is a good idea to default to not honoring the same RFCs the whole internet is basically built on, your configuration option link will perfectly help us out in our scenario. Thank you!

--Klaus

-----Original Message-----
From: nginx-devel <nginx-devel-bounces@nginx.org> On Behalf Of Maxim Dounin
Sent: Wednesday, February 17, 2021 8:27 PM
To: nginx-devel@nginx.org
Subject: Re: HTTP status 429 instead of 503 on throttled requests

Hello!

On Wed, Feb 17, 2021 at 06:56:36PM +0000, Kaisersberger, Klaus wrote:

> Hi there
>
> nginx responds with 503 for requests discarded due to throttling (https://www.nginx.com/blog/rate-limiting-nginx/).
> This seems to contradict https://tools.ietf.org/rfc/rfc6585.txt, which recommends 429 (Too Many Requests) instead.
>
> Should nginx be adjusted?

There are no such plans, in particular, because it is generally a
bad idea to report to an attacker that the attack was detected and
being mitigated.

If you think that in your particular case returning 429 is a good
idea, you can adjust your configuration by using the
limit_req_status directive (http://nginx.org/r/limit_req_status).

--
Maxim Dounin
http://mdounin.ru
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel
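
The limit_req_status override mentioned in the thread, shown as an added configuration example (not from the thread or from the nginx project). It returns 429 on a location used by cooperating API clients and leaves the default 503 on a login location; the zone names, rates, paths and upstream address are assumptions.

```nginx
# Constructed example: zone names, rates, paths and the upstream
# address are assumptions, not values from the thread.
events {}

http {
    # One shared-memory zone per policy, keyed on the client address.
    limit_req_zone $binary_remote_addr zone=api:10m   rate=10r/s;
    limit_req_zone $binary_remote_addr zone=login:10m rate=1r/s;

    # Rejected requests are written to the error log at this level,
    # whichever status code the client receives.
    limit_req_log_level warn;

    server {
        listen 80;

        # API consumed by cooperating clients: answer throttled requests
        # with 429 (RFC 6585) so they can tell throttling from an outage.
        location /api/ {
            limit_req        zone=api burst=20 nodelay;
            limit_req_status 429;
            proxy_pass       http://127.0.0.1:8080;
        }

        # Login endpoint: no limit_req_status here, so rejected requests
        # get the default 503 and the response does not state that rate
        # limiting was triggered.
        location /login {
            limit_req  zone=login burst=5;
            proxy_pass http://127.0.0.1:8080;
        }
    }
}
```

The file can be syntax-checked with `nginx -t -c` followed by its absolute path before it is loaded.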