Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [rate-limiting]

In computer networks, rate limiting is used to control the rate of traffic sent or received on a network interface.

Traffic that is less than or equal to the specified rate is sent, whereas traffic that exceeds the rate is dropped or delayed. Rate limiting is performed by policing (discarding excess packets), queuing (delaying packets in transit) or congestion control (manipulating the protocol’s congestion mechanism). Policing and queuing can be applied to any network protocol. Congestion control can only be applied to protocols with congestion control mechanisms, such as the transmission control protocol (TCP).

244 questions
0
votes
2 answers

Incoming rate limiting

I have a ubuntu machine with two interfaces. eth1 is the NAT interface and eth2 is the WAN iterface. I have a 4 mbps internet connection. I want to limit it to 2 mbps for the eth1 NAT network. So I use this tc rule: tc qdisc add dev eth1 root tbf…
nixnotwin
  • 1,543
  • 5
  • 35
  • 55
0
votes
1 answer

Throttling apache downloads selectively

I have a linux box running Debian Sarge (old I know) and apache 2.0.54. It serves two kinds of files - regular web pages and small images, and a lot of large podcast mp3s. The podcast downloads swamp the connection and make the rest of the site…
Synchro
  • 3,148
  • 6
  • 27
  • 38
0
votes
1 answer

How to rate limit hits to a Tomcat app?

We have a Java app I'm serving from Apache 2.2 + mod_proxy_ajp + Tomcat 6 that is a REST API and end users tend to like to totally slam it as fast as they can. I'd like to be able to throttle the hits per second, ideally by user/IP, to it. Like…
Ernest Mueller
  • 1,199
  • 2
  • 12
  • 25
0
votes
1 answer

Total bandwidth limit in IIS7

The only settings I can find are for limiting in terms of bytes per second but if I understand correctly that'll mean that the connection speed of the site is being throttled as well. What I want to do is to have a hard limit - say 30GB/month, but I…
Radu
  • 129
  • 6
0
votes
2 answers

Cisco ASA 5510 - limit bandwidth for outgoing SMTP traffic?

Is there an easy way to throttle outgoing SMTP traffic? Some of our users continue to send large attachments to a large group of people - as a result the bandwidth is almost completely consumed, and other users are starting to complain about…
user46454
0
votes
0 answers

How to verify XFF_IP is from a known Proxy or CDN while enforcing key in Google Cloud Armor Security Policy?

I'm currently working on a project where I want to apply rate limiting at the load balancer level to each user's IP address. The idea is to throttle any user that crosses a certain request limit in a given unit of time. Note: I am using Google Cloud…
Aviral Srivastava
  • 101
  • 1
0
votes
0 answers

Rate limit specific PHP endpoints when running Nginx with php-fpm

Like many apps, I have some endpoints that are more sensitive than others, such as login & password reset, and need rate limiting. However, nginx handles all requests for PHP resources through a standard location handler that proxies PHP-FPM: …
Synchro
  • 3,148
  • 6
  • 27
  • 38
0
votes
1 answer

Is there a way of telling web crawlers / robots about number of requests limit per second / minute / etc

I was thinking on a way similar to robots.txt that is used by good bots crawling a website. In the robots.txt I can define the User-agent, Allow and Disallow. My goal is to pass the message about the request rate limiting to the bots also, saying…
Milos Cuculovic
  • 423
  • 3
  • 8
  • 22
0
votes
1 answer

Maximum QPS with Google Load Balancer

In GCP's documentation, Google claims to support up to 1million queries per second. My team, however, as part of a project, decided to put both the Regional HTTPS LB and Global HTTPS LB to test. Here are some of the results we got using 7 clients…
Olu
  • 1
  • 1
0
votes
0 answers

How to discard a request from burst queue after a certain time in NGINX?

I want to set a low rate limit such as 5r/s to an upstream. I don't want to reject any request for surpassing QPS limit, So I am setting the burst value to a high number and using default delay value 0, which means to delay infinitely. However I…
SharifS
  • 1
  • 1
0
votes
0 answers

iptables per-ip rate limiting problems

I am trying to deal with a persistent application level DOS attack on a web server (apache httpd 2.4, debian 10). The attacker appears to be spoofing public IP addresses given the sheer number of different ones used, but it is not close to consuming…
mhilton
  • 1
0
votes
0 answers

nginx rate global limit split between two groups?

I've gone through the limit_req_zone docs and also searched through but haven't seen whether it's possible to do this with nginx rate limiting. I want to do the following: set a global rate limit ie. limit_req_zone global zone:general 10r/s let's…
leorio paradiknight
  • 1
0
votes
0 answers

How to limit concurrent request per ip using iptables for a limited time?

i want to limit request per ip for a certain time like as if daily 2000 request coming from single ip address. i want to block this ip for 24 hours. after 24 hours it is automatically allow from server . is there any way to do this with using…
Soikot
  • 1
0
votes
1 answer

nginx req_limit does not work in regex location

i have nginx file part like this http { limit_req_zone $binary_remote_addr zone=limit:1m rate=10r/s; server { listen 443 ssl; server_name domain.temp; root "/var/www"; index index.php; location ~* ^/([0-9]+)$ { …
yvgwxgtyowvaiqndwo
  • 125
  • 4
0
votes
0 answers

What is the difference between 10r/s burst=0 and 1r/s burst=9 nodelay?

What is the difference between: 10r/s and burst=0 1r/s and burst=9 nodelay 1st case has processing size capacity of 10r/s. So it allows 10 requests to happen in parallel per second, 11th concurrent request is rejected. In 2nd case the processing…
variable
  • 177
  • 2
  • 10
1 2 3
16 17