NGINX防CC和DDOS攻击模块HttpLimitZoneModule和HttpLimitReqModule

HttpLimitZoneModule  配置说明

This module makes it possible to limit the number of simultaneous connections for the assigned session or as a special case, from one address.

Example configuration

http {
  limit_zone   one  $binary_remote_addr  10m;
 
  server {
    location /download/ {
      limit_conn   one  1;
    }
  }
}

HttpLimitReqModule  配置说明

This module allows you to limit the number of requests for a given session, or as a special case, with one address.

Restriction done using leaky bucket.

Example Configuration

http {
    limit_req_zone  $binary_remote_addr  zone=one:10m   rate=1r/s;

    ...

    server {

        ...

        location /search/ {
            limit_req   zone=one  burst=5;
        }

发表评论