Apply nginx rate limits to certain IP addresses, and another rate limit to others

stuwat Mon, 30 Oct 2017 06:46:48 -0700

In our Nginx config we currently have this:-

limit_req_zone $binary_remote_addr zone=two:10m rate=15r/m;
limit_req zone=two burst=5 nodelay;


Now we want to change this so that this rate limit applies to certain IP
addresses, and then have another rate limit that applies to others that is
slightly less restrictive.

geo $limited_net {
    default      0;
    111.222.333.444  1;
}

map $limited_net $addr_to_limit {
    0  "";
    1  $binary_remote_addr;  
}

limit_req_zone  $addr_to_limit  zone=two:10m  rate=15r/m;


geo $less_limited_net {
    default      1;
    111.222.333.444  0;
}

map $less_limited_net $addr_to_limit_less {
    0  "";
    1  $binary_remote_addr;
}

limit_req_zone  $addr_to_limit_less  zone=three:10m  rate=25r/m;

So the traffic from the IP 111.222.333.444 will be affected by the rate 1st
more restrictive rate limit, and not by the second less restrictive one.

Does this give me what I want?

Posted at Nginx Forum: 
https://forum.nginx.org/read.php?2,277126,277126#msg-277126

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Apply nginx rate limits to certain IP addresses, and another rate limit to others

Reply via email to