Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [rate-limiting]

In computer networks, rate limiting is used to control the rate of traffic sent or received on a network interface.

Traffic that is less than or equal to the specified rate is sent, whereas traffic that exceeds the rate is dropped or delayed. Rate limiting is performed by policing (discarding excess packets), queuing (delaying packets in transit) or congestion control (manipulating the protocol’s congestion mechanism). Policing and queuing can be applied to any network protocol. Congestion control can only be applied to protocols with congestion control mechanisms, such as the transmission control protocol (TCP).

244 questions
0
votes
1 answer

ipset iptables drop all exclude ports but via rate limit

I have simple ipset map to track suspicious ips. These my commands: ipset flush ipset -q destroy banlists ipset create banlists hash:ip comment family inet hashsize 2048 maxelem 1048576 timeout 300 And i tell iptables to drop if matched in…
Mohammad Hossein Fattahizadeh
  • 471
  • 1
  • 9
  • 27
0
votes
0 answers

Nginx, limiting request per second for uwsgi application

How to set/estimate proper value for nginx's "limit_req_zone" and "limit_req"? I have nginx as reverse-proxy for Django app. During loading for example admin panel (where Django request a lot of css/js files) I receiving more than ten 503's…
rah606
  • 1
  • 1
0
votes
1 answer

Several short consecutive SSH connections

Imagine performing a short repetitive process, which ends by doing a short lived SSH connection to some server (e.g. transferring a newly generated file via SFTP). This means that there will be a lot of short lived consecutive SSH connecting and…
user2340939
  • 103
  • 2
0
votes
0 answers

Understanding nginx rate limiting

I'm trying to configure rate limiting using nginx's limit_req feature to achieve a specific use case; I've been testing different options within my nginx configuration file, however, I can't seem to find the correct combination of options to achieve…
Ash
  • 73
  • 7
0
votes
0 answers

NGINX - Dynamic throttling of bandwidth

I am going to deploy a website with several big media files (~10 GiB) and I would like to balance the load on it. NGINX will be used to serve the files. What I would like to achieve is something that has already been discussed here, but no real…
Ruben
  • 1
  • 1
0
votes
0 answers

limit_req_zone for the whole PHP

I'm protecting wp-login.php via below rule: location = /wp-login.php { limit_req zone=one burst=1 nodelay; include fastcgi_params; fastcgi_pass unix:/var/run/php/php7.2-fpm.sock; } My question is that. If I use below rule for all php…
Serdar Koçak
  • 67
  • 1
  • 2
  • 7
0
votes
1 answer

How to configure Nginx to only rate limit the API and not static files?

Because limit_req_zone must be specified in HTTP context and cannot be in server or even in location context, it seems one can only set a rate limit for the entire server. Nginx is used to serve static files and one may do this as often as they…
Luc
  • 294
  • 3
  • 18
0
votes
1 answer

Ban IP addresses based on bandwidth usage on apache/linux

Is it possible to throttle or ban IP address based on how much the host is using bandwidth of my webserver? In ideal situation I would like to create rules like: if IP uses bandwidth over 1000 MB in 10 minutes, ban/throttle the IP If it's…
user1273128903
  • 21
  • 1
0
votes
0 answers

Block web site downloading programs like HTTrack

I have a lot of big downloads on my web site, so if somebody tries to download my whole site using automated software like HTTrack, it causes a heavy load on my server. Is there a way to block activity like this with the latest versions of…
Tyler Durden
  • 477
  • 1
  • 6
  • 16
0
votes
1 answer

Specify all php files in Nginx config in order to make said php app more safe (nginx)

I got an idea for to write a simple script to create an Nginx config file based on a set of files that would be allowed to be run. In my case they would be .php files from an application. The script would simply create an Nginx config entry for…
rkantos
  • 101
  • 1
  • 3
0
votes
1 answer

How can throttle users but whitelist robot access to my web site?

I am looking at using mod_evasive and/or mod_throttle to prevent abusive access to my web site (running Apache 2.4). By "abusive", I mean using wget or HTTtrack to download the whole web site, for example. Both mod_evasive and mod_throttle have ways…
Tyler Durden
  • 477
  • 1
  • 6
  • 16
0
votes
1 answer

Any way to see the password for attempted RDP intrusions?

I have a silly person in china (According to IP-Reversal websites) who is trying to login to my machine using RDP. I first noticed this when I found a stream of messages similar to this one: [LAN access from remote] from 117.66.240.198:65086 to…
AngelicCore
  • 123
  • 1
  • 5
0
votes
1 answer

Exchange limit repetitive messages

Background: We have an Avaya phone system, which has the capability of sending email alerts for a variety of scenarios. One scenario that I am very interested in is alerts when a trunk goes down. This works... with one major caveat: More often…
ltwally
  • 315
  • 2
  • 7
  • 23
0
votes
1 answer

Limit bandwidth for two sources of traffic together but not one of them

There are 2 sources of traffic The first one of them shouldn't be impeded in any way, it should be able to draw as much available traffic as it wants. The second one, on the other hand, should be limited in such way that both of them together cannot…
Michael Ivko
  • 151
  • 7
0
votes
2 answers

Rate limiting to Azure VM

Is there a way to add rate limiting to azure VM? We have a VM that generates images dynamically and a few users are abusing it by hitting the server hundreds of times at once. I implemented an application level check that stores the user's IP…
Bruno
  • 113
  • 6
1 2 3
16 17