Step: 1 Defining zone in server or http block
Step 2: adding rules in location block.
Step: 1 Defining Rate limit zone in nginx server or http block
Step 2: adding rate limit rules in nginx location block.
limit_req zone=one burst=10 delay=5;
Nginx Rate limiting configuration in http server block
ngnx.conf or domain.conf
at http or server blockl
limit_req_zone $binary_remote_addr zone=basic_limit:10m rate=3r/s;
Sample Nginx rate limit configuration in location block
Nginx Rate limiting burst explained specific url location
* The first one is accepted and processed
* Because you allow 1+3, there’s 1 request which is immediately rejected, with a 503 status code
* The 3 other ones will be treated, one by one, but not immediately. They will be treated at the rate of 1r/s to stay within the limit your set.
Nginx Rate limit burst nodelay explained
Nginx Rate limiting burst delay explained
delaying request, excess: 5.200, by zone “one”,
delaying request, excess: 5.600
nginx rate limiting not working
understanding rate limiting in nginx error log
delaying request, excess: 1.000, by zone “one” 1/r sec with burst.
limiting requests, excess: 10.200 by zone “one”,
limit reached timeout error occurs.
Blocking IP with Fail2ban and nginx rate limiting
fail2ban looks into nginx error log, if the ip the address repeatedly based on maxretry and in specified time find, that will be for a given period hours, week, days etc.