nGinx Rate Limit Double-Check

Kevin

10/9/22, 2:40 PM

So... I have a need where I need to rate limit bots, and specific IP addresses. I am wondering if this is what I need to do before implementing in a live production environment...

map $http_user_agent $limit_bots {
    default '';
    ~*(bingbot|yandex|msnbot|googlebot) $binary_remote_addr;
}

geo $limit_ip {
    default 0;
    1.1.1.22/32 1; # fake ip 1
    1.1.1.23/32 1; # fake ip 2
}

map $limit_ip $limit_ips {
    1 "";
    0 $binary_remote_addr;
}

limit_req_zone $limit_bots zone=bots:10m rate=1r/m;
limit_req_zone $limit_ips zone=ips:10m rate=1r/m;

The bots works fine. But I want to be able to add a "blacklist" of ip addresses to rate limit as well. I've read the nginx documentation, but unfortunately, it is not making too much sense to me...

Am I right in my thinking with the above geo block?

0 + 1

nginx

rate-limiting

djdomi

10/10/22, 12:55 PM

hoes this help? https://serverfault.com/questions/692375/rate-limit-misconfigured-bots?rq=1 or https://serverfault.com/questions/639671/nginx-how-to-limit-request-rate-based-on-user-agent?rq=1

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: nGinx Rate Limit Double-Check

TH: ขีด จำกัด อัตรา nGinx ตรวจสอบอีกครั้ง

RO: Limita ratei nGinx Verificați dublu

RU: Двойная проверка лимита скорости nGinx

VI: Kiểm tra kỹ giới hạn tỷ lệ nGinx

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.