Verified Commit fa328e2f authored by Jelle van der Waa's avatar Jelle van der Waa 🚧
Browse files

Rate limit our archweb RSS feeds

Due to users misconfiguring their conky to query for rss updates every
second add proper rate limitting to all rss endpoints in nginx.
parent 6554168b
# limit rss requests to 1 r/m
limit_req_zone $binary_remote_addr zone=rsslimit:8m rate=1r/m;
limit_req_status 429;
upstream archweb { upstream archweb {
server unix:///run/uwsgi/archweb.sock; server unix:///run/uwsgi/archweb.sock;
} }
...@@ -169,6 +173,14 @@ server { ...@@ -169,6 +173,14 @@ server {
alias {{ archweb_retro_dir }}; alias {{ archweb_retro_dir }};
} }
# Rate limit all RSS feeds
location ~ (^/feeds/|\.xml$) {
include uwsgi_params;
uwsgi_pass archweb;
limit_req zone=rsslimit burst=10 nodelay;
}
location / { location / {
access_log /var/log/nginx/{{ archweb_domain }}/access.log main; access_log /var/log/nginx/{{ archweb_domain }}/access.log main;
include uwsgi_params; include uwsgi_params;
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment