6

I have a bulk search form on apache servers behind nginx. I'd like to protect that location so that the second request in a 10 minute period gets 301'd to a "Would you like to use our API" page instead with something like:

http {
    limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s;
    server {
       location = /search/bulk {
                limit_req zone=one burst=2;
                 ...  SOME CONFIG HERE...
       }
    }
}

How would I 301 the end client when they hit my limit_req instead of showing a ngnix error page? Also, secondarily, I don't want to throttle traffic to the whole http clause. Can I set up a limit_req_zone without a rate, but have them in my location stanzas?

Thanks,

M.

mogmismo
  • 63
  • 1
  • 3

1 Answers1

7

By default, nginx will return a 503 service temporarily unavailable error code.

The limit_req_status directive exists to change the error code in case they hit the limit_req :

location = /search/bulk {
          limit_req zone=one burst=2;
          limit_req_status 404;
}

The problem is that this directive only allows a range from 400 to 599, so you cannot specify a 301 :

[emerg] 3130#0: value must be between 400 and 599 in /etc/nginx/nginx.conf:72

So, if your main issue is to display a custom error message instead of the default 503 one, you could proceed like this :

http {
    limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s;
    server {
       location = /search/bulk {
                limit_req zone=one burst=2;
                error_page  503  /503.html;
       }
       location  /503.html {
            internal;
       }
    }
}

Then your custom 503.html file :

<html><body>Would you like to use our API ?</body></html>

The rate argument is mandatory. You have to specify a rate for limit_req_zone

krisFR
  • 13,280
  • 4
  • 36
  • 42