Menu
I'm developing an anti application-layer attack module for NGINX and I have to count the request per second (every second). The idea is to make an auto detector of attacks which turns the filtering on when there is an increase in the request rate.
At this time this is happening with the help of a shell script which is reading the access log every second and is calculating the request rate. The problem is that this isn't very performance effective.
If you have an idea on how can I achieve this, please, share your thoughts.
Thank you!
894
You can use HttpLimitReqModule:
http {
limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s;
...
server {
...
location /search/ {
limit_req zone=one burst=5;
}
reference: http://wiki.nginx.org/HttpLimitReqModule
182
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
