AW: rate-limiting and retry-after header
Hello Jérôme, On 2022-06-20 13:43, Jérôme Magnin wrote: You can with an http-after-response rule. See https://cbonte.github.io/haproxy-dconv/2.5/configuration.html#http-after-response Or you can use an http-request return rule instead of deny/deny_status to set the status code and header with the same rule. https://cbonte.github.io/haproxy-dconv/2.5/configuration.html#http-request%20return Thank you for your quick response. But how can I get/ calculate the value of the retry-after header? Cheers Corin
Re: rate-limiting and retry-after header
Hello Corin, On 2022-06-20 13:18, Corin Langosch wrote: Hi guys, I'm using haproxy 2.5 and have some basic rate limiting configured like this (the actual configuration contains more rules for different urls): backend test acl rate_limit_by_ip_exceeds_limit src,table_http_req_rate(rate_limit_by_ip) gt 100 http-request deny deny_status 429 if rate_limit_by_ip_exceeds_limit http-request track-sc0 src table rate_limit_by_ip ... backend rate_limit_by_ip stick-table type ipv6 size 1m expire 24h store http_req_rate(5m) Is there any way to include a "retry-after" header in case the rate limit is exceeded? You can with an http-after-response rule. See https://cbonte.github.io/haproxy-dconv/2.5/configuration.html#http-after-response Or you can use an http-request return rule instead of deny/deny_status to set the status code and header with the same rule. https://cbonte.github.io/haproxy-dconv/2.5/configuration.html#http-request%20return -- Jérôme
rate-limiting and retry-after header
Hi guys, I'm using haproxy 2.5 and have some basic rate limiting configured like this (the actual configuration contains more rules for different urls): backend test acl rate_limit_by_ip_exceeds_limit src,table_http_req_rate(rate_limit_by_ip) gt 100 http-request deny deny_status 429 if rate_limit_by_ip_exceeds_limit http-request track-sc0 src table rate_limit_by_ip ... backend rate_limit_by_ip stick-table type ipv6 size 1m expire 24h store http_req_rate(5m) Is there any way to include a "retry-after" header in case the rate limit is exceeded? Cheers Corin
