Score:0

nGinx Rate Limit Double-Check

cn flag

So... I have a need where I need to rate limit bots, and specific IP addresses. I am wondering if this is what I need to do before implementing in a live production environment...

map $http_user_agent $limit_bots {
    default '';
    ~*(bingbot|yandex|msnbot|googlebot) $binary_remote_addr;
}

geo $limit_ip {
    default 0;
    1.1.1.22/32 1; # fake ip 1
    1.1.1.23/32 1; # fake ip 2
}

map $limit_ip $limit_ips {
    1 "";
    0 $binary_remote_addr;
}

limit_req_zone $limit_bots zone=bots:10m rate=1r/m;
limit_req_zone $limit_ips zone=ips:10m rate=1r/m;

The bots works fine. But I want to be able to add a "blacklist" of ip addresses to rate limit as well. I've read the nginx documentation, but unfortunately, it is not making too much sense to me...

Am I right in my thinking with the above geo block?

djdomi avatar
za flag
hoes this help? https://serverfault.com/questions/692375/rate-limit-misconfigured-bots?rq=1 or https://serverfault.com/questions/639671/nginx-how-to-limit-request-rate-based-on-user-agent?rq=1
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.