Commit ef61433a authored by Phillip Smith (fukawi2)'s avatar Phillip Smith (fukawi2)
Browse files

rate-limit requests for rss feed

someone has made a conky script that hits the rss feed every second, so nginx
now limits that to once per minute, returning 503 instead at other times. a
burst is also in place to prevent genuine users being blocked.
parent 128bad62
......@@ -13,6 +13,11 @@ server {
}
}
# a limiter to stop abuse of the rss feed.
# limit to 1 requests per minute, with a burst defined when we use this
# limiter in the location directive below
limit_req_zone $binary_remote_addr zone=rsslimit:8m rate=1r/m;
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
......@@ -27,6 +32,10 @@ server {
ssl_certificate_key /etc/letsencrypt/live/{{ fluxbb_domain }}/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/{{ fluxbb_domain }}/chain.pem;
location ~ /extern\.php {
limit_req zone=rsslimit burst=10 nodelay;
}
location ~ ^/(?:config|header|footer)\.php {
log_not_found off;
deny all;
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment