I seek a solution to do rate limit for HTTP API, for Nginx, there is already a module HttpLimitReqModule support this feature. But refer to the document, this module only supports per second and per minute. Any solution per hour/day?
Asked
Active
Viewed 3,087 times
2 Answers
0
I'm not aware of a function within nginx that would do it. However you could use the auth_request module to hand of all incoming traffic to an upstream web service which inspected the traffic and applied the rate limiting rules.
location / {
auth_request /ratelimiter;
..
Normal configuration settings
}
location /ratelimiter {
proxy_pass http://internalratelimitinghost;
# return a HTTP 200 to allow the request
# return anything else to deny it
}
nginx auth_request. The module is not included by default so you would need to compile it in.
Steve E.
- 9,003
- 6
- 39
- 57
-1
At some point, I needed the same function to define rate limits per hour, day, week, etc.
I was itchy to build a clone of ngx_http_limit_req_module first, but then just integrated the necessary changes to nginx-mod.
So this works with nginx-mod:
limit_req_zone $binary_remote_addr zone=one:10m rate=1r/h; # 1 request per hour
limit_req_zone $binary_remote_addr zone=one:10m rate=1r/d; # 1 request per day
limit_req_zone $binary_remote_addr zone=one:10m rate=1r/w; # 1 request per week
limit_req_zone $binary_remote_addr zone=one:10m rate=1r/M; # 1 request per month
limit_req_zone $binary_remote_addr zone=one:10m rate=1r/Y; # 1 request per year
Danila Vershinin
- 8,725
- 2
- 29
- 35