Interpretation of nginx limit configuration parameters

  nginx

Order

This article mainly analyzes the limit-related configuration parameters in ngx_http_core_module, ngx_http_limit_conn_module and ngx_http_limit_req_module.

limit_rate

Name Default configuration action scope Official statement Interpretation in Chinese module
limit_rate limit_rate 0; http, server, location, if in location Limits the rate of response transmission to a client. The rate is specified in bytes per second. The zero value disables rate limiting. The limit is se t per a request, and so if a client simultaneously opens two connections, the overall rate will be twice as much as the specified limit. Specifies bytes that the connection can download per second, mainly to limit the bandwidth of individual requests. ngx_http_core_module
limit_rate_after limit_rate_after 0; http, server, location, if in location Sets the initial amount after which the further transmission of a response to a client will be rate limited. After setting the number of bytes, the limit count will be started. if it is less than this value, there will be no speed limit. ngx_http_core_module
limit_except No default location Limits allowed HTTP methods inside a location. The method parameter can be one of the following: GET, HEAD, POST, PUT, DELETE, MKCOL, COPY, MOVE, OPTIONS, PROPFIND, PROPPATCH, LOCK, UNLOCK, or PATCH. Allowing the GET method makes the HEAD method also allowed Setting methods other than the specified http methods will be restricted, allowing GET will automatically allow HEAD methods. ngx_http_core_module
  • Example
        location /downloads {
            limit_rate_after 1m;
            limit_rate 500k;
        }

        location / {
            proxy_pass http://localhost:3000;
            limit_except GET {
                deny all;
            }
        }

limit_conn

Name Default configuration action scope Official statement Interpretation in Chinese module
limit_conn No default, syntax limit _ connozonenumber; http, server, location Sets the shared memory zone and the maximum allowed number of connections for a given key value. When this limit is exceeded, the server will return the error in reply to a request. Specifies the maximum number of connections per key for a zone ngx_http_limit_conn_module
limit_conn_zone There is no default, syntax limit _ conn _ zonekeyzone = name: size; http Sets parameters for a shared memory zone that will keep states for various keys. In particular, the state includes the current number of connections. The key can contain text, variables, and their combination. Requests with an empty key value are not accounted. The first parameter is key, and the second parameter specifies the size of zone and its shared memory for storing metadata (key, currentnum of connsperkey, zone size) ngx_http_limit_conn_module
limit_conn_log_level limit_conn_log_level error; http, server, location Sets the desired logging level for cases when the server limits the number of connections. This directive appeared in version 0.8.18. Specifies the level of log printing when limit is triggered ngx_http_limit_conn_module
  • Example
http {
    limit_conn_zone $binary_remote_addr zone=ips:10m;
    limit_conn_zone $server_name zone=servers:10m;
    limit_conn_log_level notice;
    server {
        # these limits apply to the whole virtual server
        limit_conn ips 10;

        # only 1000 simultaneous connections to the same server_name
        limit_conn servers 1000;
    }
}

limit_req

Name Default configuration action scope Official statement Interpretation in Chinese module
limit_req No default, syntax limit _ requzone = name [burst = number] [nodelay]; http, server, location Sets the shared memory zone and the maximum burst size of requests. If the requests rate exceeds the rate configured for a zone, their processing is delayed such that requests are processed at a defined rate. Excessive requests are delayed until their number exceeds the maximum burst size in which case the request is terminated with an error. Specifies the burst size of the zone ngx_http_limit_req_module
limit_req_zone There is no default, syntax limit _ req _ zoneckzone = name: sizerate = rate; http Sets parameters for a shared memory zone that will keep states for various keys. In particular, the state stores the current number of excessive requests. The key can contain text, variables, and their combination. Requests with an empty key value are not accounted. The first parameter specifies the key, the second parameter specifies the zone name and the memory size of metadata, and the third parameter rate specifies the threshold number of requests per unit time ngx_http_limit_req_module
limit_req_log_level limit_req_log_level error; http, server, location Sets the desired logging level for cases when the server refuses to process requests due to rate exceeding, or delays request processing. Logging level for delays is one point less than for refusals. Specifies the log level to print when req limit is triggered. ngx_http_limit_req_module
  • Example
http {
 limit_req_zone $binary_remote_addr zone=myreqzone:10m
 limit_req_log_level warn;

 server {
    ## 每个ip限定10个连接数
    ## 正常一个浏览器给每个host开两到三个连接
    ## 触发的话会返回503
    ## nodelay表示一上来就直接计算,不经过一些预热后再计算
    limit_req zone=myreqzone burst=10 nodelay;
 }
}

doc