nginx- restrict user access
1. Why should we limit user access
We often encounter this situation, server traffic anomaly, the load is too large, and so on. For high-volume access to malicious attacks, it will bring the waste of bandwidth, server stress, affect the business, often considered a number of connections to the same ip, with a few restrictions.
2. How to limit user access
Modify nginx configuration file:
vim /usr/local/nginx/conf/nginx.conf
36 #gzip on;
37 limit_conn_zone $binary_remote_addr zone=addr:10m; #大小是10M内存来对于IP传输开销
38 limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s; #1s中不超过一个请求
39 server {
wq
48 location /download {
49 limit_conn addr 1; #只能一个并发,多了会报错
50 #limit_rate 50k; #限制带宽,每秒最多50k
51 }
nginx -t #语法检测
nginx -s reload #在不暂停服务的情况下重新加载
mkdir /usr/local/nginx/html/download/
cd /usr/local/nginx/html/download/
ls
cd /usr/local/nginx/logs
>access.log #清空日志(方便实验效果的观察)
test:
ab -c 10 -n 1000 http://172.25.254.1/download/c.jpg #查看日志503报错