Yuk… http { # ... other http settings limit_req_zone $binary_remote_ad...

reactordev • yesterday at 8:16 PM • 1 reply • view on HN

Yuk…

   http {
       # ... other http settings
       limit_req_zone $binary_remote_addr zone=mylimit:10m rate=10r/s;
       # ...
   }


    server {
        # ... other server settings
        location / {
            limit_req zone=mylimit burst=20 nodelay;
            # ... proxy_pass or other location-specific settings
        }
    }

Rate limit read-only access at the very least. I know this is a hard problem for open source projects that have relied on web access like this for a while. Anubis?

Replies

PaulDavisThe1st • yesterday at 8:32 PM

We used fail2ban to do rate limiting first. It wasn't adequate.

➕ show 1 reply

alt Hacker News

Replies