限制单IP地址请求频率:
http://nginx.org/en/docs/http/ngx_http_limit_req_module.html
限制每个IP地址发起的请求数:
http://nginx.org/en/docs/http/ngx_http_limit_conn_module.html
http 字段加入以下内容:
# traffic control
# The module is used to limit the request processing rate per a defined key, in particular,
# the processing rate of requests coming from a single IP address.
# The limitation is done using the “leaky bucket” method.
limit_req_zone $binary_remote_addr zone=perip:10m rate=60r/s;
# The module is used to limit the number of connections per the defined key;
limit_conn_zone $binary_remote_addr zone=perconn:10m;
server {
listen 80;
server_name www.zhangluya.com;
charset utf-8;
location / {
# 队列模式 burst=1500 相当于超过限制速率的IP地址将会进入队列状态,如果api_ip zone处理完毕
# 将会放行队列中的请求,如果队列中的请求=1500满了,请求直接退回 客户端会收到一个服务器繁忙的请求;
# 排队不会一直继续 nginx的超时设置会限制排队在一定时间内的请求 直接退回 返回服务器繁忙请求.
limit_req zone=perip burst=1500;
# 非队列模式
# limit_req zone=one burst=8 nodelay; #不用队列burst=0
# allow only sixty connection per an IP address at a time
limit_conn perconn 100;
proxy_pass http://127.0.0.1:81;
proxy_redirect off;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}