Yeah the reason it does not work behind CloudFlare is because the limit_conn
and limit_req is blocking the CloudFlare server IP for making to many
requests. So that is why i am reciving the DOS output "503 service
unavailable"
And I don't fancy building a whitelist of IP's since it would require
manually updating allot. The cloudflare server IP's would need excluding
from the $binary_remote_addr output.
Currently i am using my first method and it works great.
c0nw0nk Wrote:
-------------------------------------------------------
> limit_req_zone $http_cf_connecting_ip zone=one:10m rate=30r/m;
> limit_conn_zone $http_cf_connecting_ip zone=addr:10m;
>
> location ~ \.mp4$ {
> limit_conn addr 10; #Limit open connections from same ip
> limit_req zone=one; #Limit max number of requests from same ip
>
> mp4;
> limit_rate_after 1m; #Limit download rate
> limit_rate 1m; #Limit download rate
> root '//172.168.0.1/StorageServ1/server/networkflare/public_www';
> expires max;
> valid_referers none blocked networkflare.com *.networkflare.com;
> if ($invalid_referer) {
> return 403;
> }
> }
Posted at Nginx Forum:
https://forum.nginx.org/read.php?2,269502,269572#msg-269572
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
