Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [rate-limiting]

In computer networks, rate limiting is used to control the rate of traffic sent or received on a network interface.

Traffic that is less than or equal to the specified rate is sent, whereas traffic that exceeds the rate is dropped or delayed. Rate limiting is performed by policing (discarding excess packets), queuing (delaying packets in transit) or congestion control (manipulating the protocol’s congestion mechanism). Policing and queuing can be applied to any network protocol. Congestion control can only be applied to protocols with congestion control mechanisms, such as the transmission control protocol (TCP).

244 questions
3
votes
1 answer

HAProxy Rate limiting per IP with queuing

I'm moving towards HA using it to replace also NGINX and I've a question regarding how to do a Rate Limiting in HA that enables queuing the request instead of closing them. I was able to limit per IP following those examples:…
EsseTi
  • 255
  • 3
  • 13
3
votes
1 answer

getting flooded with HEAD requests

Our server got flooded with HEAD requests. This resulted in a spike in tcp connections that made the server unable to connect to its mysql databases. We make extensive use of the nginx ratelimiting, that works in combination with fail2ban flawlessly…
radonthetyrant
  • 183
  • 1
  • 6
2
votes
0 answers

pfSense: config with daloRadius (freeRadius) to setup download quota limitation

I have pfsense and daloRadius(running freeRadius inside) up and running, I successfully configured radius parameters on pfSense and the NAS on daloRadius and they can talk to each other. I am able to create users from daloRadius and authenticate…
Xsmael
  • 171
  • 1
  • 10
2
votes
1 answer

Nginx rate limiting - only slowdown if ceiling hit

We recently switched to nginx and I was happy to see that rate limiting seems easy enough there. I set up the following limit for a particular zone: limit_req_zone $binary_remote_addr zone=PHPUtilities:10m rate=60r/m; I applied that zone to a…
Mike Willis
  • 203
  • 2
  • 14
2
votes
2 answers

How to protect a web application from IPv6 bots?

I'm interested in this in the context of protecting a web application from bots, but I guess it applies to all kind of attacks that can be done over IPv6 by bots. In a web application, you have some pages you want to protect from bots. It could be a…
John Smith Optional
  • 502
  • 2
  • 9
  • 18
2
votes
2 answers

IPTables + Limit module: Why doesn't limit-burst get completely used?

Long time reader, first time poster.. yada yada yada.. Anyways, I am hopeful someone out there has some extensive iptables/netfilter LIMIT or HASHLIMIT module experience and explain the behavior I'm witnessing. Background: We have a webserver and…
Smit
  • 21
  • 3
2
votes
1 answer

nginx limit_req_zone limiting at a rate lower than specified

The limit_req_zone configuration in my config is as follow : limit_req_zone $nginx_version zone=site1:10m rate=1000r/s; I don't want more than 1000 requests per second from the zone site1. I use this zone in my location as follows : location…
ZeroG
  • 23
  • 3
2
votes
1 answer

Rate-limit nginx based on a prior request

It's not a problem, but I get a huge number of vulnerability scanners and script kiddies hitting my site, constantly. My site doesn't run WordPress, but it gets constantly scanned for WordPress exploits, and trying to hit nonexistant urls such as…
arrtchiu
  • 121
  • 3
2
votes
1 answer

How to limit the maximum network speed in the whole Virtual Host?

Background I have a Apache (with NginX Reverse Proxy) as web server. I have a forum and a image host service running. But as you know, image host service causes a lot of network bandwidth (Mbps). I want to reserve some of the bandwidth to my forum…
AkiEru
  • 77
  • 6
2
votes
1 answer

Nginx: Can I setup a limit_req_zone with a key with IP + URI?

I'm trying to setup Nginx limit_req module to limit the request rate that any IP can make to the same URL. I would like to define the limit_req_zone with a key that is composed by a combination of the client's IP and the request URI. That is,…
El Barto
  • 963
  • 5
  • 16
  • 24
2
votes
1 answer

throttle connections to apache load balancer

I have a load balancer using apache: http://httpd.apache.org/docs/2.2/mod/mod%5Fproxy%5Fbalancer.html The problem is our bandwidth. We're trying to get more, but the ISP has to run new lines and keeps putting us off, so I'd like to throttle down the…
dan
  • 323
  • 1
  • 5
  • 16
2
votes
2 answers

Postfix - rate limit outgoing concurrent connections to one machine/ip

I need to limit postfix outgoing connections for specific mailservers, but it seems to me that posfix's limiting is based on domains? What if there is one mailserver for more domains? I tried to find out what "destination" means in postfix's tuning…
xtc
  • 19
  • 1
  • 6
2
votes
1 answer

Limit maximum requests / second for a specific path on HAProxy

I'm trying to achieve this scenario : On a specific path only, I receive a steady 9 requests/sec on the frontend. Everything is fine, use the regular Backend. I now receive 11 req/s, I want to reject any requests above 10. But still want to continue…
Bastien974
  • 1,896
  • 12
  • 44
  • 62
2
votes
1 answer

Configuring RRL on a DNS server using BIND

I'd like to configure a DNS server to use Response Rate Limiting (RRL) to mitigate DNS DDoS attacks. Whatever, I have to configure it top use RRL with the 'slip' parameter at 2. I've made some search, but I haven't found anything really clear about…
Zouba
  • 21
  • 2
2
votes
0 answers

tc qdisc tbf - calculate sensible latency and burst from rate

I want to create a simple script that lets me limit the outgoing speed of an interface somewhere between 56k (modem speed) and 1MBit/s. I found that something along the following does the job: tc qdisc add dev eth1 root tbf rate 220kbit latency 50ms…
josch
  • 141
  • 1
  • 6
1 2 3
16 17