I'm looking for a way to limit Nginx for location to a number of requests per second independent of the origin IP. From my understanding the rate limiting feature is IP sensitive which cannot be turned off.
What would be the right approach here?
I'm looking for a way to limit Nginx for location to a number of requests per second independent of the origin IP. From my understanding the rate limiting feature is IP sensitive which cannot be turned off.
What would be the right approach here?
Like so
limit_req_zone global zone=global_limit:1k rate=50/s;
The global
part is the key Nginx uses to bucket requests. By setting it to a static string (could be anything), rather than a variable, all requests will go into the same bucket.
To limit by IP, you would set it to $binary_remote_addr
. You can rate limit on just about anything (see https://www.nginx.com/blog/dynamic-bandwidth-limits-nginx-plus-key-value-store/#Complete-Sample-NGINX-Configuratio for a complex example).