------- Original Message -------
On Sunday, January 30th, 2022 at 2:18 AM, Orlando Della Casa
<[email protected]> wrote:
> I’d like to put a rate limit on incoming HTTP requests, but without sending
> 429 errors.
You could simply delay the request with Lua. We use a stick table to track
requests and if an IP exceeds the limit, a Lua function gets called that delays
the request for a random amount of time. You could probably set a var with the
current req rate and calculate a delay based on that.
Here's a simple example:
# delay_request.lua
function delay_request (txn)
local http_req_rate = txn:get_var('txn.http_req_rate')
-- calculate your delay somehow
core.msleep(delay_ms)
end
core.register_action('delay_request', {'http-req'}, delay_request, 0)
# haproxy.cfg
global
lua-load /path/to/delay_request.lua
frontend fe
stick-table type ipv6 size 1m expire 1m store http_req_rate(1m)
http-request track-sc0 src
acl limit_exceeded src_http_req_rate() gt 60
http-request set-var(txn.http_req_rate) src_http_req_rate()
http-request lua.delay_request if limit_exceeded
...
Bren
