Questions tagged [rate-limiting]
In computer networks, rate limiting is used to control the rate of traffic sent or received on a network interface.
249
questions
0
votes
0
answers
14
views
Concurrency rate limiter value on a service
I got a C# .NET 8 service. .Net 8 delivers a built in concurrency limiter to limit the concurrent requests made to the service, with an option to define a queue for requests made if their number pass ...
- 97
1
vote
1
answer
124
views
How to Dynamically Adjust Rate Limits Based on Concurrent Connections in Nginx?
I am currently facing a challenge with dynamically adjusting rate limits in my Nginx configuration based on the number of concurrent connections to my web server.
Problem Statement:
I have set up a ...
- 11
0
votes
1
answer
311
views
What's the best method to implement rate limiting with Apache?
I'm running an Apache web server, and I'd like to add some simple rate limiting per individual IP address.
I'm currently getting what appears to be a lot of bot requests hitting the website, and it's ...
- 131
0
votes
0
answers
89
views
Nginx rate limiting doesn't seem to work at all
I am trying to make rate limiting work for PHP files (which we don't use at all, and I don't want hackers to endlessly try a million PHP files on our server). We're using CloudFlare to proxy our site, ...
- 101
1
vote
0
answers
83
views
NGINX Rate Limiting Configuration Leading to 404 Error for Specific Route in Plesk-Managed CakePHP App
I'm using Plesk 18 with NGINX as a proxy in front of Apache2 for a CakePHP application. I have set up rate limiting in my NGINX configuration (/etc/nginx/nginx.conf) with limit_req_zone $...
- 111
0
votes
1
answer
31
views
RateLimit is doing weird maths and wrong numbers on kernel
I'm trying to apply a set of rate limit within iptables, and it's doing some weird maths that i'm not able to see on the kernel why this is happen.
I tried to execute same code on my local machine, ...
- 21
0
votes
1
answer
82
views
What is the minimum and maximum value for --limit option in iptables?
I have below iptable rule
iptables -A PRIO_IN -p tcp -s 203.0.113.0 --sport 5432 -d 203.0.113.0 --dport 5432 -j ACCEPT -m limit --limit 100000/sec
When i run this rule, i get error as Rate too fast ...
- 105
0
votes
1
answer
138
views
Defining Burst and No Delay for NGINX
I'm trying to limit my server (an API) to only allow 3 requests to be made per second (by IP, coming from Cloudflare), and after that the user receives an HTTP 429 code.
I don't want to allow anything ...
- 289
2
votes
1
answer
204
views
Rate limiting PHP requests in the absence of WordPress/WooCommerce cookies in Nginx
I want to rate limit PHP requests in the absence of wp-*, wordpress-*, comment_*, woocommerce_* cookies. I have the following configuration, which works, but it doesn't include the cookie check:
http {...
- 121
1
vote
1
answer
604
views
Testing rate limiting rules in firewalld
I want to rate limit ssh connections per IP to a server running firewalld.
Suppose my sshd listens on port 2222, and I want to limit ssh connections per IP to 3 per minute. I tried:
sudo firewall-cmd -...
- 999
1
vote
2
answers
85
views
.io auth. NS refuses UDP response to dnsviz.net – why shouldn’t I, too?
Seriously, say, I block (return, not drop of course) UDP :53 in to my authoritative nameserver. Resolvers will fall back to TCP and I won’t need any rate limiting against spoofed source IPs. Because ...
- 100
1
vote
1
answer
588
views
Rate limit specific PHP endpoints when running Nginx with php-fpm
Like many apps, I have some endpoints that are more sensitive than others, such as login & password reset, and need rate limiting. However, nginx handles all requests for PHP resources through a ...
- 3,280
1
vote
1
answer
193
views
What things should I consider when identifying and rate limiting bots?
// Not sure if this question is best fit for serverfault or webmasters stack exchange...
I am thinking to rate limit access to my sites because identifying and blocking bad bots take most of my time.
...
- 1,169
0
votes
1
answer
667
views
Is there a way of telling web crawlers / robots about number of requests limit per second / minute / etc
I was thinking on a way similar to robots.txt that is used by good bots crawling a website. In the robots.txt I can define the User-agent, Allow and Disallow.
My goal is to pass the message about the ...
- 423
0
votes
1
answer
1k
views
Maximum QPS with Google Load Balancer
In GCP's documentation, Google claims to support up to 1million queries per second. My team, however, as part of a project, decided to put both the Regional HTTPS LB and Global HTTPS LB to test.
Here ...
google-cloud-platform