Restrict the access frequency of all individual IP addresses
1. Configuration in HTTP
http {
$limit_conn_zone: limit the number of concurrent connections
limit_conn_zone $binary_remote_addr zone=one1:10m;
#limit_req_zone: request frequency
#$binary_remote_ADDR: limit by client IP
#zone=one:10m: create an IP storage area with a size of 10m to store access frequency
#rate=10r/s: indicates that the client access rate is 10 times per second
limit_req_zone $binary_remote_addr zone=one2:10m rate=10r/s;
}
Copy the code2. Server configuration
server {
listen 80;
server_name localhost;
location / {
Limit the number of concurrent requests by 2
limit_conn one1 2;
# Burst: Request processing is delayed if the frequency of requests exceeds the value configured for the limit domain
#nodelay: Requests exceeding the frequency limit are delayed until the number of delayed requests exceeds the defined threshold. The request is terminated and 503 is returnedlimit_req zone=one2 burst=10 nodelay; root html; index index.html index.htm; }}Copy the code2. Configure the access whitelist
1. Configuration in HTTP
http {
# geo: the directive defines a whitelist $limited variable with a default value of 1 and a value of 0 if the client IP is in the range above
geo $limited{
default 1;
10.0.0.140 0; Set 10.0.0.140 to whitelist
10.0.0.141 0; # whitelist IP, you can continue to add
}
# use the map command to map the IP of the search engine client to an empty string, if it is not the search engine, it will display its real IP
The limit_req_zone memory session does not limit search engine IP access
map $limited $limit{1$binary_remote_addr;
0 "";
}
limit_conn_zone $limit zone=one:20m;
limit_req_zone $limit zone=one2:20m rate=10r/s;
}
Copy the code2. Server configuration
server { listen 80; server_name localhost; location / { limit_conn one 2; limit_req zone=one2 burst=10 nodelay; root html; index index.html index.htm; }}Copy the code