Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [rate-limiting]

In computer networks, rate limiting is used to control the rate of traffic sent or received on a network interface.

Traffic that is less than or equal to the specified rate is sent, whereas traffic that exceeds the rate is dropped or delayed. Rate limiting is performed by policing (discarding excess packets), queuing (delaying packets in transit) or congestion control (manipulating the protocol’s congestion mechanism). Policing and queuing can be applied to any network protocol. Congestion control can only be applied to protocols with congestion control mechanisms, such as the transmission control protocol (TCP).

240 questions
0
votes
0 answers

Nginx Rate Limit blocks connections even when it doesn't exceed the limit

We are trying to use Nginx as a server for load balancing, and for security reasons, we decided to apply the native rate limiting feature, configuring it so that when there are more than 200 requests per second, the user has the request blocked. We…
Tom
  • 217
  • 3
  • 12
0
votes
0 answers

Nginx limit_req_zone misbehavior

I want to block requests by IP and URI. I have this anti-DOS nginx config. It does not work. geo $blacklist { default block; someIPs white; } map $blacklist $limit { block "$binary_remote_addr $uri"; white …
Top Secret
  • 1
0
votes
0 answers

What's The Difference Between Rate-Limiting and Throttling?

I keep hearing the terms used interchangeably, but is there an actual difference? In this article they mention: Rate Limiting and Throttling policies are designed to limit API access, but have different intentions: Rate limiting protects an API by…
Alex Weitz
  • 123
  • 7
0
votes
0 answers

Haproxy rate limit monitoring

I’m using rate limiting with my haproxy18 and I’d like to somehow squeeze out metrics from it based on ip addresses, who is close to the limit or how the users are hitting the limits. This is my config related to rate limiting: ... stick-table…
Badb0y
  • 15
  • 2
0
votes
0 answers

Rate limit not working as expected on nginx

I have request rate limit set as: 20 r/m burst=4 delay=2 My expectation is that 1 request will be handled every 3 seconds. For any bursts, upto 4 requests (beyond the rate [1 per 3 seconds]) will be queued, of which 2 will be immediately handled…
variable
  • 137
  • 7
0
votes
0 answers

Requests beyond the rate are added to the zone or to the queue?

http { #... limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s; server { #... location /search/ { limit_req zone=one burst=5; } } } With this configuration, if request rate exceeds 1…
variable
  • 137
  • 7
0
votes
0 answers

What is the difference between 10r/s burst=0 and 1r/s burst=9 nodelay?

What is the difference between: 10r/s and burst=0 1r/s and burst=9 nodelay 1st case has processing size capacity of 10r/s. So it allows 10 requests to happen in parallel per second, 11th concurrent request is rejected. In 2nd case the processing…
variable
  • 137
  • 7
0
votes
0 answers

nginx limit_req_zone rate limiting granularity

How should the rate be interpreted in the nginx rate limiting module? 10 r/s means 1 request every 100ms - this means granularity is 100ms; and 2nd request within the 100ms will get rejected. Does 30 r/m mean 1 request every 2 seconds (2000ms)?…
variable
  • 137
  • 7
0
votes
1 answer

How to limit Nginx to max 50 request per second independent from IP

I'm looking for a way to limit Nginx for location to a number of requests per second independent of the origin IP. From my understanding the rate limiting feature is IP sensitive which cannot be turned off. What would be the right approach here?
frlan
  • 563
  • 5
  • 27
0
votes
1 answer

Postfix Rate limiting according to a particular user

So this question is again on the table. I have tried to get my answer from forums documents but I wasn't able to find the desired answer. So, Here is my question I have created a mail server with postfix now what I want is to create quotas for a…
sanjib
  • 63
  • 5
0
votes
1 answer

Rate Limiting Only the Home Page With NGINX limit_req_zone

I have a Wordpress multisite installation and I have some bots hammering the home pages. I would like to set a rate limit only on the home page(s) of the site(s) but leave the other pages unlimited. My trouble is crafting an NGINX location that will…
Elkrat
  • 5
  • 1
0
votes
0 answers

HAproxy: per-client queue for rate limiting?

I’d like to put a rate limit on incoming HTTP requests, but without sending 429 errors. Instead, requests beyond the limit should be put into a queue from which they are processed at a speed that respects the rate limit. It’s important that such a…
dnalor
  • 1
0
votes
0 answers

Handling DDoS HTTP Attack

I’ve experiencing DDoS attack today and I’ve configured Cloudflare rate limiter, also activated WAF. Cloudflare blocked several hundred thousands request. Unfortunately, my server still experiencing pretty high flood request. I don’t know why it…
Putra
  • 1
  • 1
0
votes
1 answer

In rsync the "bwlimit" parameter is explicitly ignored, how to fix this

I have rsyncd version 3.1.2 listening on port 873 and I want to limit the bandwidth with which my files are downloaded by a client connecting to me. I added a bwlimit both in the config file: uid = nobody gid = nogroup [data] path =…
Mnemosyne
  • 127
  • 5
0
votes
1 answer

How to force Linux users to respect max login rate

How does one set a rate-based throttle and/or quota for SSH logins per user on a shared system? For example: limit an SSH login to one time per 10 seconds. Things I've looked at: pam throttle and throttle2, but those look for failed logins and then…
EdwardTeach
  • 622
  • 8
  • 20
1 2 3
15
16