2

I've successfully applied rate-limiting to 1r/s in my Nginx configuration, however I want to implement a function that will apply different rate limit settings (20r/s) for whitelisted IPs. Here are the relevant config settings:

nginx.conf

limit_req_zone $limit zone=all:20m rate=1r/s;

domain.conf

geo $whitelist { default 1; 1.1.1.1 0; } map $whitelist $limit { 0 ""; 1 $binary_remote_addr; } limit_req zone=all burst=5;

This works as expected, when I whitelist 1.1.1.1, I can access the website without being rate limited at all. How can I implement a limit of 20r/s for the whitelisted IPs? I understand that the solution is not to use 2 zones, but I have read the documentation several times and am at a loss as to how to implement this. Thanks in advance.

Improve this question
3
  • In reading the nginx.org documentation, it seems like using more than one zone is the solution, but it has been some time since I experimented with that directive, so I'm not sure why you do not want to use more than one zone. Commented Jul 3, 2017 at 14:30
  • The problem is that I don't know what it should look like. Even if I add another zone called whitelist w/ 20r/s and apply limit_req zone=whitelist burst=5; Nginx is still ignoring it and ratelimitting it using the zone=all Commented Jul 3, 2017 at 15:06
  • I actually found the example nginx.com/blog/rate-limiting-nginx but it's always hitting the req_zone_wl zone no matter what IP I whitelist. Commented Jul 3, 2017 at 17:13

1 Answer 1

Reset to default
0 
limit_req_zone $limit zone=all:20m rate=1r/s; geo $whitelist { default 1; 1.1.1.1 0; } map $whitelist $limit { 0 ""; 1 $binary_remote_addr; } limit_req_zone $whitelist zone=new:10m rate=25r/m; burst=5;
Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.