On Sun, Oct 25, 2015 at 12:22 PM, Roland RoLaNd <r_o_l_a_...@hotmail.com> wrote: > > Hello, > > I am trying to rate limit requests depending on their specific identifier > which is sent either as a post header or a query string parameter. > > Below is my starting config (am i mistaken to be using this ? ) > > stick-table type string len 70 size 5M expire 1m store > gpc0_rate(60s),conn_cnt,conn_cur,conn_rate(60s),sess_cnt,sess_rate(60s),http_req_rate(60s) > > stick on url_param(uid) > > > my hope is to use a throttled backend, if connections within 1 minute from > the same UID (query string or post header) exceeds 30 > > I have the same setup working with IPs though im finding it a bit tricky to > do the same with qs/headers > > > Any advice on the right direction? i am not confident with the above > counters.... >
Hi, You can have multiple stick on lines. They'll be process in the order you write them and the first match stop the processing. It means all solutions will work: - client sending the url parameter only - client sending the HTTP header only - client sending both URL parameter and HTTP header stick-table type string len 70 size 5M expire 1m store gpc0_rate(60s),conn_cnt,conn_cur,conn_rate(60s),sess_cnt,sess_rate(60s),http_req_rate(60s) stick on url_param(uid) stick on req.hdr(UID) We use this type of configuration to maintain persistence on JSESSIONID cookie which may be found either in a Cookie or in a url parameter. Baptiste