0

My server is constantly being flooded and I am looking to limit the connections. I want to do this at the server level (because I have multiple websites) but every now and then I run a cache warm script from a particular IP. 

limit_req_zone $binary_remote_addr zone=one:10m rate=30r/m;
limit_conn_zone $binary_remote_addr zone=addr:10m;
limit_req zone=one;
limit_conn addr 10;

How I can do rate limiting but exclude this particular IP (or set of IPs)

Quintin Par
  • 4,293
  • 10
  • 46
  • 72
  • Please show your whole Nginx configuration. I'd like to see those limits in context. limit_req can operate in the http, server, or location scope - that might help. – Tim Jun 19 '17 at 20:08
  • I took this code from the web after I noticed a flood of attacks. Haven’t applied this code anywhere, yet – Quintin Par Jun 19 '17 at 20:48
  • Using this code will limit requests, but will keep connections open to your server. That is another form of denial of service, [read this](https://en.wikipedia.org/wiki/Slow_loris) You may want to explore using a service such as CloudFront or CloudFlare to provide DDOS protection / security for your websites. – Tim Jun 19 '17 at 21:43

0 Answers0