-
-
Notifications
You must be signed in to change notification settings - Fork 881
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Feature request: rate limiting (limit_req_zone, limit_req) #1134
Comments
I agree that we'll need a better way of handling modules at some point. I'm not sure that this should be the default configuration, though. |
sorry, I was a little bit inaccurate in my description: Actually, it's not a 3rd party module. |
You'd want to set a limit of connections per IP address by default? I don't think it is the role of a module to take care of that. By the way, I implemented it easily this way in a hiera location section:
But I agree that it could be better if the options were real options and not having to use location_custom_cfg*, but it is currently working. |
no, that's |
Ok, can you achieve it using a |
sure. you could link the zone to the location with |
Hi @khaefeli, I have nothing against the fact that this core feature should be supported. You even offered to create a PR, which is very positive. My only opinion is that limit_req should not be enabled by default by the module. But again, this is very good news, thanks! |
I submitted a PR, it doesn't enable request limiting by default, but it does expose it for configuring now. |
Add support for limit_req_zone in main nginx config and limit_req: Fixes #1134
Add support for `limit_req_zone` in main nginx config and `limit_req` for `nginx::resource::location`. In init.pp `limit_req_zone` can be a String, or an array of String In resource/location.pp `limit_zone` can be a String and should point to a zone defined from `limit_req_zone` in init.pp
Add support for limit_req_zone in main nginx config and limit_req: Fixes voxpupuli#1134
(D)DoS, brute force attacks etc are everywhere.
We want to protect our backends from excessive requests and load.
Nginx is supporting rate limiting in the
ngx_http_limit_req_module
module:https://www.nginx.com/blog/rate-limiting-nginx/
Bring this feature as default to the puppet nginx core and help people to protect their backends.
The text was updated successfully, but these errors were encountered: