Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [rate-limiting]

In computer networks, rate limiting is used to control the rate of traffic sent or received on a network interface.

Traffic that is less than or equal to the specified rate is sent, whereas traffic that exceeds the rate is dropped or delayed. Rate limiting is performed by policing (discarding excess packets), queuing (delaying packets in transit) or congestion control (manipulating the protocol’s congestion mechanism). Policing and queuing can be applied to any network protocol. Congestion control can only be applied to protocols with congestion control mechanisms, such as the transmission control protocol (TCP).

244 questions
2
votes
2 answers

Can Haproxy deny a request by IP if its stick-table is full?

In my haproxy configs I'm setting a stick-table of size 5 that stores every incoming IP address (for 1 minute), and it is set as nopurge so new entries won't get stored in the table. What I'd like to have happen is that they would get denied, but…
bantic
  • 1,519
  • 3
  • 14
  • 17
2
votes
2 answers

Apache bandwidth throttling per client, by subnet

We're interested in restricting the number of requests per second and/or available bandwidth to HTTP clients, to stop accidental DoS. We provide free scientific data and web services, and sadly some users' scripts aren't well behaved. I know there's…
Andrew Clegg
  • 387
  • 1
  • 2
  • 9
2
votes
1 answer

Nginx - disable rate limiting for cached resources

I have an application does full text search on my product database. Certain searches are suggested to the user and are much more common than other searches. As full text searches are expensive, I'm using Nginx to cache the search results. I would…
nwarp
  • 143
  • 3
2
votes
1 answer

traceroute: sometimes routers don't respond and user sees timeouts

I'm an admin of small network and I'm investigating a problem my users complain about. The root of their complaints is traceroute: sometimes routers along the path simply don't respond to traceroute probes and users see timeouts (those *s in place…
ico
  • 21
  • 1
2
votes
1 answer

Rate Limiting Only the Home Page With NGINX limit_req_zone

I have a Wordpress multisite installation and I have some bots hammering the home pages. I would like to set a rate limit only on the home page(s) of the site(s) but leave the other pages unlimited. My trouble is crafting an NGINX location that will…
Elkrat
  • 25
  • 4
2
votes
1 answer

Nginx rate limiting on unique IPs

we've been dealing with constant attacks on our authentication url, we're talking millions of requests per day, my guess is they are trying to brute force passwords. Whenever we would block the IP with the server firewall, few seconds later the…
Julien
  • 242
  • 1
  • 3
  • 13
2
votes
2 answers

Is there is a way to limit access per hour per user in apache2?

When requesting, POST form with userID is already required, so if I can log the userID of the POST form, I think there would be a way to limit to n times(I think 3 time per hour is good for me) of access to that UserID for an hour. (It means userID…
SJang
  • 21
  • 1
2
votes
0 answers

Flush old entries from nftable meter list

I use nftables to do rate limiting: chain input: { type filter hook input priority 0; policy accept; tcp dport http ct state new jump rate-limit } chain rate-limit { meter httplimit4 { ip saddr limit rate 2/second burst 20 packets }…
router
  • 21
  • 1
1
vote
1 answer

Writes throttled to 500KB/s?

My laptop, running Debian testing, has recently been terribly sluggish at operations involving writing to the disk. I have no idea where the problem comes from and would love some help tracking this down and fixing it. Here are the symptoms I…
Stefan
  • 133
  • 9
1
vote
1 answer

Haproxy Block if http_req_rate(60s) > 20 for 3 times?

This is sample configuration, frontend fe_app bind 0.0.0.0:8484 name http acl has_auth_header req.fhdr(api-key) -m found acl mark_as_abuser sc0_inc_gpc0(be_429_table_api) gt 10 acl req_rate_api_abuse …
Khurshid Alam
  • 111
  • 2
1
vote
2 answers

Different limit_req for $request_uri part

I want configure different rate limiting for php-fpm. I want to: static files had no limits, PHP requests had limits, PHP requests to / admin /.+ had different limits. I have problem with implementation point 3. Now I test: limit_req_zone…
bato3
  • 143
  • 1
  • 7
1
vote
1 answer

HaProxy 1.8 - Stick tables and passing on haproxy calculated rates as request headers to the backends

I have read this article about stick tables: https://www.haproxy.com/blog/introduction-to-haproxy-stick-tables/ I would like to add rate limiting to my haproxy config. But before I want to add a hard limit, I want to know how many requests each of…
Stephan Møller
  • 113
  • 1
  • 7
1
vote
0 answers

Configure postfix to send emails per domain from each virtual server

In my setup I have installed virtualmin for virtual servers. I have following virtual servers with their own dedicated ip address. Postfix is configured as per this method to use dedicated ip for each virtual server. Virtual server 1 (ip = 1.1.1.1)…
Faheem
  • 11
  • 2
1
vote
0 answers

How to limit destination IPs for nginx cache proxy

I'm trying to set up nginx as a cache proxy that can cache/serve pages only from one IP range (example: 31.29.100.0/24). To set up the proxy I use this conf: server { listen 8080; location / { resolver 127.0.0.1; proxy_pass…
Jakov Sosic
  • 5,267
  • 4
  • 24
  • 35
1
vote
0 answers

Outbound rate limiting (with a buffer) per IP

My software has to interact via HTTP requests with several third party services, and these service enforce a rate limiter policy on their side. If I go above the rate limit, my server which is running my software might get banned by IP. Is there a…
ivarec
  • 151
  • 5
1 2 3
16 17