On Wed, Apr 11, 2018, at 16:43, Anheyer, Tom wrote: > What about: > > sub rate_limit { > > if (req.url ~ "pattern1") { > std.log("pattern1 requests must never be throttled"); > } > else { > if (req.url ~ "pattern2") { > if (vsthrottle.is_denied("pattern2" + client.identity, > 100, 10s)) { > std.log("pattern2 throttling for ip " + > client.identity); > return(synth(429, "ETOOMANYREQUESTS")); > } > } > > if (vsthrottle.is_denied("ip:" + client.identity, 500, 10s)) { > std.log("global throttling for ip " + client.identity); > return(synth(429, "ETOOMANYREQUESTS")); > } > } > > }
Yes, that's one of the alternatives, though the "whitelisted" patterns are more than just one. I ended up doing something like: set req.http.Rate-Limit = "1"; if (whitelisted-pattern1) { set req.http.Rate-Limit = "0"; } if (whitelisted-pattern2) { set req.http.Rate-Limit = "0"; } ... if (req.http.Rate-Limit == "0") { # no rate limiting } else { # yes, do rate limit } I intend to look at vmod_var to see if I can make this prettier. -- Cosimo _______________________________________________ varnish-misc mailing list varnish-misc@varnish-cache.org https://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc