Nginx is a good web server and provides a comprehensive speed limit function. The main functional modules are ngx_http_core_module, ngx_http_limit_conn_module, and ngx_http_limit_req_module. The first module includes the limit_rate function (limited bandwidth ), in the latter two modules, the functions are limit connection and limit request. These modules are compiled into the nginx core by default.
All restrictions are aimed at IP addresses, so they have a certain defensive effect on CC and DDOS.
Bandwidth limit is easy to understand.
123location /mp3 {
limit_rate 200k;
}
There is one way to make the speed limit more humane, that is, the speed limit starts after a certain amount of traffic is transmitted,
For example, first transmit 1 M at full speed and then start the speed limit:
1234location /photo {
limit_rate_after 1m;
limit_rate 100k;
}
Next we will talk about the limited number of concurrent requests and the number of requests.
Why are there two modules? Because we know that a page usually has multiple sub-modules, such as five images, we initiate a connection when requesting this page, but this connection contains five image requests, that is to say, a connection can initiate multiple requests. To maintain the user experience, we need to select whether to limit the number of connections or the number of requests based on actual needs.
1. Limit the number of connections
To restrict connections, you must first have a container that counts connections and add the following code to the http segment:
1limit_conn_zone $binary_remote_addr zone=addr:5m;
In this way, a speed limit pool named addr is created in the memory (each connection occupies 32 or 64 bytes, and the size of 5 MB can accommodate tens of thousands of connections, which is usually enough, if 5 MB of memory is used up, 503 is returned)
Next, we need to limit the speed of different locations (location segments) of the server. For example, to limit the number of concurrent connections of each IP address to 2
1limit_conn addr 2;
2. Limit the number of requests
To limit the number of requests, you must first create a speed limit pool and add the following code to the http segment:
1limit_req_zone $binary_remote_addr zone=one:5m;
The speed limit is divided into global speed limit and local speed limit,
For the global speed limit, we only need to add the following parameters, for example, 20 requests per second, rate = 20r/s, that is:
1limit_req_zone $binary_remote_addr zone=perip:5m rate=20r
/s
;
Sometimes we want to adjust the link in the location segment, you can use the burst Parameter
1limit_req zone=one burst=50;
If you do not want latency, there is also the nodelay Parameter
1limit_req zone=one burst=50 nodelay;
The above is the nginx Speed Limit Function introduction, improper, please correct me. The specific speed limit method should be considered to avoid damaging the user experience.
References
Http://wiki.nginx.org/HttpCoreModule#limit_rate
Http://nginx.org/cn/docs/http/ngx_http_limit_req_module.html
Http://nginx.org/cn/docs/http/ngx_http_limit_conn_module.html
Http://wiki.nginx.org/HttpLimitConnModule
Http://wiki.nginx.org/HttpLimitReqModule
Http://tengine.taobao.org/nginx_docs/cn/docs/http/ngx_http_limit_conn_module.html#limit_zone
This article from the "Focus on Linux O & M" blog, please be sure to keep this source http://purplegrape.blog.51cto.com/1330104/1228527
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
