nginx not returning updated headers from origin server on conditional GET

2016-09-11 Thread jchannon
I have nginx and its cache working as expected apart from one minor issue. When a request is made for the first time it hits the origin server, returns a 200 and nginx caches that response. If I make another request I can see from the X-Cache-Status header that the cache has been hit. When I wait a

Rewrite rules not working

2016-09-11 Thread khav
I am trying to make pretty urls using rewrite rules but they are not working.
1. https://example.com/s1/video.mp4 should be rewritten to https://example.com/file/server/video.mp4
location = /s1/(.*)$ { rewrite ^/s1/(.*) /file/server/$1 permanent; }
2. https://example.com/view/

Re: limit-req and greedy UAs

2016-09-11 Thread Grant
> What looks to me to be a real resource hog that quite frankly you can't do
> much about are download managers. They open up multiple connections, but the
> rate limits apply to each individual connection. (this is why you want to
> limit the number of connections.)

Does this mean an attacker

Re: limit-req and greedy UAs

2016-09-11 Thread Grant
> Since this limit is per IP, is the scenario you stated really a problem?
> Only that IP is affected. Or as is often the case, did I miss something?

The idea (which I used bad examples to illustrate) is that some mainstream browsers make a series of requests for files which don't necessarily e

Re: Rewrite rules not working

2016-09-11 Thread Francis Daly
On Sun, Sep 11, 2016 at 08:12:00AM -0400, khav wrote:

Hi there,

> I am trying to make pretty urls using rewrite rules but they are not
> working

"Pretty urls" usually means that the browser *only* sees the original url, and the internal mangling remains hidden. A rewrite that leads to a HTTP r

Re: limit-req and greedy UAs

2016-09-11 Thread lists
I suspect you are referring to the countless variations on the favicon, with Apple being the worst offender since they have many "touch" files. Android has them too. Just make the files. They don't have to be works of art. http://iconifier.net/ One of many generators. Clearly Apple has no resp

Re: limit-req and greedy UAs

2016-09-11 Thread lists
This page has all the secret sauce, including how to limit the number of connections. https://www.nginx.com/blog/mitigating-ddos-attacks-with-nginx-and-nginx-plus/ I set up the firewall with a higher number as a "just in case." Also note if you do streaming outside nginx, then you have to lim

Re: limit-req and greedy UAs

2016-09-11 Thread Grant
> I suspect you are referring to the countless variations on the favicon, with
> Apple being the worst offender since they have many "touch" files. Android
> has them too. Just make the files.

I disagree but maybe because of my webmastering style. I don't know what more of these files will sho

Re: limit-req and greedy UAs

2016-09-11 Thread Grant
> This page has all the secret sauce, including how to limit the number of
> connections.
>
> https://www.nginx.com/blog/mitigating-ddos-attacks-with-nginx-and-nginx-plus/
>
> I set up the firewall with a higher number as a "just in case."

Should I basically duplicate my limit_req and limit_req

Re: limit-req: better message for users?

2016-09-11 Thread Grant
>> Has anyone experimented with displaying a more informative message
>> than "503 Service Temporarily Unavailable" when someone exceeds the
>> limit-req?
>
>
> maybe https://tools.ietf.org/html/rfc6585#section-4 ?

That's awesome. Any idea why it isn't the default? Do you remember the directive

Back button causes limiting?

2016-09-11 Thread Grant
I just saw some strange stuff in my logs and it only makes sense if pressing the back button creates a new request on an iPad. So if an iPad user presses the back button 5 times quickly, they will have generated 5 requests in a very short period of time which could turn on rate limiting if so conf

Re: limit-req and greedy UAs

2016-09-11 Thread lists
https://www.nginx.com/blog/tuning-nginx/ I have far more faith in this write up regarding tuning than the anti-ddos, though both have similarities. My interpretation is the user bandwidth is connections times rate. But you can't limit the connection to one because (again my interpretation) t