Module ngx_http_limit_req_module
english
русский
简体中文
עברית
日本語
türkçe
news
about
download
security advisories
documentation
pgp keys
faq
links
books
support
donation
trac
wiki
nginx.com
| Example Configuration Directives limit_req limit_req_log_level limit_req_zone |
The ngx_http_limit_req_module module (0.7.21) allows
to limit the request processing rate per defined key,
in particular, the processing rate of requests coming
from a single IP address.
The limitation is done using the “leaky bucket” method.
Example Configuration
http {
limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s;
...
server {
...
location /search/ {
limit_req zone=one burst=5;
}
Directives
| syntax: |
limit_req
|
| default: | — |
| context: |
http, server, location |
Sets a shared memory zone and the maximum burst size of requests. If the rate of requests exceeds the rate configured for a zone, their processing is delayed such that requests are processed at a defined rate. Excessive requests are delayed until their number exceeds the maximum burst size in which case the request is terminated with an error 503 (Service Temporarily Unavailable). By default, the maximum burst size is equal to zero. For example, the directives
limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s;
server {
location /search/ {
limit_req zone=one burst=5;
}
allow not more than 1 request per second at an average, with bursts not exceeding 5 requests.
If delaying of excessive requests while requests are being limited is not
desired, the parameter nodelay should be used:
limit_req zone=one burst=5 nodelay;
| syntax: |
limit_req_log_level
|
| default: |
limit_req_log_level error; |
| context: |
http, server, location |
This directive appeared in version 0.8.18.
Sets the desired logging level
for cases when the server refuses to process requests
due to rate being exceeded,
or delays request processing.
Delays are logged with the level one less than refusals; for example,
if “limit_req_log_level notice” is specified,
delays are logged with the info level.
| syntax: |
limit_req_zone
|
| default: | — |
| context: |
http |
Sets parameters of a shared memory zone that keeps states for various keys. The state stores the current number of excessive requests in particular. The key is any non-empty value of the specified variable (empty values are not accounted). Example usage:
limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s;
Here, the states are kept in a 10 megabyte zone “one”, and an average request processing rate for this zone cannot exceed 1 request per second.
An IP address of the client serves as a key.
Note that instead of $remote_addr, the
$binary_remote_addr variable is used here,
allowing to lower the size of a state down to 64 bytes.
One megabyte zone can keep about 16 thousand 64-byte states.
If the storage for a zone is exhausted, the server will return error
503 (Service Temporarily Unavailable)
to all further requests.
The rate is specified in requests per second (r/s). If a rate of less than one request per second is desired, it is specified in request per minute (r/m). For example, half-request per second is 30r/m.