rate-limit requests for rss feed

someone has made a conky script that hits the rss feed every second, so nginx now limits that to once per minute, returning 503 instead at other times. a burst is also in place to prevent genuine users being blocked.

rate-limit requests for rss feed
someone has made a conky script that hits the rss feed every second, so nginx now limits that to once per minute, returning 503 instead at other times. a burst is also in place to prevent genuine users being blocked.
ef61433a · Phillip Smith (fukawi2) · 128bad62 · ef61433a
Commit ef61433a authored Nov 04, 2019 by Phillip Smith (fukawi2)
--- a/roles/fluxbb/templates/nginx.conf.j2
+++ b/roles/fluxbb/templates/nginx.conf.j2
@@ -13,6 +13,11 @@ server {
    }
 }

+# a limiter to stop abuse of the rss feed.
+# limit to 1 requests per minute, with a burst defined when we use this
+# limiter in the location directive below
+limit_req_zone $binary_remote_addr zone=rsslimit:8m rate=1r/m;
+
 server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
@@ -27,6 +32,10 @@ server {
    ssl_certificate_key  /etc/letsencrypt/live/{{ fluxbb_domain }}/privkey.pem;
    ssl_trusted_certificate /etc/letsencrypt/live/{{ fluxbb_domain }}/chain.pem;

+    location ~ /extern\.php {
+        limit_req zone=rsslimit burst=10 nodelay;
+    }
+
    location ~ ^/(?:config|header|footer)\.php {
        log_not_found off;
        deny all;