This section includes the configuration sample of NGINX rate limiting feature that enables you to limit the number of HTTP requests a user can make in a given period of time.
In the sample, all clients except for 10.12.100.1
are limited to 1
request per second. More specifically, the sample illustrates how to:
limit_action
variable where 0
stands for unlimited and 1
stands
for limited.global_geo_limiting_map
that will map ip_limit_key
to
ip_limit_action
.limit_req_zone
zone called global_limit_zone
that
limits the number of requests to 1 request per second.global_limit_zone
globally to all requests with 5 requests
burst
and nodelay
.Configuration sample:
nginx:
server:
enabled: true
geo:
enabled: true
items:
global_geo_limiting:
enabled: true
variable: ip_limit_key
body:
default:
value: '1'
unlimited_client1:
name: '10.12.100.1/32'
value: '0'
map:
enabled: true
items:
global_geo_limiting_map:
enabled: true
string: ip_limit_key
variable: ip_limit_action
body:
limited:
name: 1
value: '$binary_remote_addr'
unlimited:
name: 0
value: '""'
limit_req_module:
limit_req_zone:
global_limit_zone:
key: ip_limit_action
size: 10m
rate: '1r/s'
limit_req_status: 503
limit_req:
global_limit_zone:
burst: 5
enabled: true
To apply the request limiting to a particular site, define the limit_req
on a site level. For example:
nginx:
server:
site:
nginx_proxy_openstack_api_keystone:
limit_req_module:
limit_req:
global_limit_zone:
burst: 5
nodelay: true
enabled: true