Module ngx_http_limit_req_module

优质

小牛编辑

142浏览

2023-12-01

The ngx_http_limit_req_module module (0.7.21) allows to limit the request processing rate per defined key, in particular, the processing rate of requests coming from a single IP address. The limitation is done using the “leaky bucket” method.

Example Configuration

http {
    limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s;

    ...

    server {

        ...

        location /search/ {
            limit_req zone=one burst=5;
        }

Directives

syntax:	`limit_req zone=name [burst=number] [nodelay];`
default:	—
context:	`http`, `server`, `location`

Sets a shared memory zone and the maximum burst size of requests. If the rate of requests exceeds the rate configured for a zone, their processing is delayed such that requests are processed at a defined rate. Excessive requests are delayed until their number exceeds the maximum burst size in which case the request is terminated with an error 503 (Service Temporarily Unavailable). By default, the maximum burst size is equal to zero. For example, the directives

limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s;

server {
    location /search/ {
        limit_req zone=one burst=5;
    }

allow not more than 1 request per second at an average, with bursts not exceeding 5 requests.

If delaying of excessive requests while requests are being limited is not desired, the parameter nodelay should be used:

limit_req zone=one burst=5 nodelay;

syntax:	`limit_req_log_level info \| notice \| warn \| error;`
default:	limit_req_log_level error;
context:	`http`, `server`, `location`

This directive appeared in version 0.8.18.

Sets the desired logging level for cases when the server refuses to process requests due to rate being exceeded, or delays request processing. Delays are logged with the level one less than refusals; for example, if “limit_req_log_level notice” is specified, delays are logged with the info level.

syntax:	`limit_req_zone $variable zone=name:size rate=rate;`
default:	—
context:	`http`

Sets parameters of a shared memory zone that keeps states for various keys. The state stores the current number of excessive requests in particular. The key is any non-empty value of the specified variable (empty values are not accounted). Example usage:

limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s;

Here, the states are kept in a 10 megabyte zone “one”, and an average request processing rate for this zone cannot exceed 1 request per second.

An IP address of the client serves as a key. Note that instead of $remote_addr, the $binary_remote_addr variable is used here, allowing to lower the size of a state down to 64 bytes. One megabyte zone can keep about 16 thousand 64-byte states. If the storage for a zone is exhausted, the server will return error 503 (Service Temporarily Unavailable) to all further requests.

The rate is specified in requests per second (r/s). If a rate of less than one request per second is desired, it is specified in request per minute (r/m). For example, half-request per second is 30r/m.