Questions tagged [rate-limiting]
In computer networks, rate limiting is used to control the rate of traffic sent or received on a network interface.
250
questions
0
votes
0
answers
13
views
Concurrency rate limiter value on a service
I got a C# .NET 8 service. .Net 8 delivers a built in concurrency limiter to limit the concurrent requests made to the service, with an option to define a queue for requests made if their number pass ...
1
vote
1
answer
120
views
How to Dynamically Adjust Rate Limits Based on Concurrent Connections in Nginx?
I am currently facing a challenge with dynamically adjusting rate limits in my Nginx configuration based on the number of concurrent connections to my web server.
Problem Statement:
I have set up a ...
0
votes
1
answer
278
views
What's the best method to implement rate limiting with Apache?
I'm running an Apache web server, and I'd like to add some simple rate limiting per individual IP address.
I'm currently getting what appears to be a lot of bot requests hitting the website, and it's ...
0
votes
0
answers
79
views
Nginx rate limiting doesn't seem to work at all
I am trying to make rate limiting work for PHP files (which we don't use at all, and I don't want hackers to endlessly try a million PHP files on our server). We're using CloudFlare to proxy our site, ...
1
vote
0
answers
83
views
NGINX Rate Limiting Configuration Leading to 404 Error for Specific Route in Plesk-Managed CakePHP App
I'm using Plesk 18 with NGINX as a proxy in front of Apache2 for a CakePHP application. I have set up rate limiting in my NGINX configuration (/etc/nginx/nginx.conf) with limit_req_zone $...
0
votes
1
answer
31
views
RateLimit is doing weird maths and wrong numbers on kernel
I'm trying to apply a set of rate limit within iptables, and it's doing some weird maths that i'm not able to see on the kernel why this is happen.
I tried to execute same code on my local machine, ...
0
votes
1
answer
82
views
What is the minimum and maximum value for --limit option in iptables?
I have below iptable rule
iptables -A PRIO_IN -p tcp -s 203.0.113.0 --sport 5432 -d 203.0.113.0 --dport 5432 -j ACCEPT -m limit --limit 100000/sec
When i run this rule, i get error as Rate too fast ...
0
votes
1
answer
135
views
Defining Burst and No Delay for NGINX
I'm trying to limit my server (an API) to only allow 3 requests to be made per second (by IP, coming from Cloudflare), and after that the user receives an HTTP 429 code.
I don't want to allow anything ...
2
votes
1
answer
201
views
Rate limiting PHP requests in the absence of WordPress/WooCommerce cookies in Nginx
I want to rate limit PHP requests in the absence of wp-*, wordpress-*, comment_*, woocommerce_* cookies. I have the following configuration, which works, but it doesn't include the cookie check:
http {...
0
votes
0
answers
63
views
How to verify XFF_IP is from a known Proxy or CDN while enforcing key in Google Cloud Armor Security Policy?
I'm currently working on a project where I want to apply rate limiting at the load balancer level to each user's IP address. The idea is to throttle any user that crosses a certain request limit in a ...
1
vote
1
answer
594
views
Testing rate limiting rules in firewalld
I want to rate limit ssh connections per IP to a server running firewalld.
Suppose my sshd listens on port 2222, and I want to limit ssh connections per IP to 3 per minute. I tried:
sudo firewall-cmd -...
1
vote
2
answers
83
views
.io auth. NS refuses UDP response to dnsviz.net – why shouldn’t I, too?
Seriously, say, I block (return, not drop of course) UDP :53 in to my authoritative nameserver. Resolvers will fall back to TCP and I won’t need any rate limiting against spoofed source IPs. Because ...
1
vote
1
answer
580
views
Rate limit specific PHP endpoints when running Nginx with php-fpm
Like many apps, I have some endpoints that are more sensitive than others, such as login & password reset, and need rate limiting. However, nginx handles all requests for PHP resources through a ...
1
vote
1
answer
191
views
What things should I consider when identifying and rate limiting bots?
// Not sure if this question is best fit for serverfault or webmasters stack exchange...
I am thinking to rate limit access to my sites because identifying and blocking bad bots take most of my time.
...
0
votes
1
answer
658
views
Is there a way of telling web crawlers / robots about number of requests limit per second / minute / etc
I was thinking on a way similar to robots.txt that is used by good bots crawling a website. In the robots.txt I can define the User-agent, Allow and Disallow.
My goal is to pass the message about the ...