gpt4 book ai didi

nginx limit_req 不起作用

转载 作者:行者123 更新时间:2023-12-03 21:34:19 26 4
gpt4 key购买 nike

我正在尝试使用 nginx (v1.6.2) 实现一个简单的速率限制系统

网站可用/mysite.com :

limit_req_zone $binary_remote_addr zone=myzone:10m rate=2r/m;

server {
listen 80;
server_name mysite.com;
root /var/www/vhosts/mysite.com;
error_log [..];
access_log [..];

include conf.d/php-fpm.conf;

location = / {
limit_req zone=myzone burst=3 nodelay;
index index.html;
}

location / {
try_files $uri =404;
}

location ^~ /pages {
include conf.d/php-fpm.conf;
internal;
}

location = /email {
rewrite ^(.*)$ /pages/email.html;
}

location = /email/subscribe {
limit_req zone=myzone burst=2 nodelay;
rewrite ^(.*)$ /pages/email.php?action=subscribe;
}

location ~ /api {
limit_req zone=myzone burst=5 nodelay;
rewrite ^(.*)$ /pages/api.php;
}
}

conf.d/php-fpm.conf :
location ~ \.php$ {
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
fastcgi_param PATH_INFO $fastcgi_path_info;
include fastcgi_params;
}

nginx.conf :
没什么有趣的,只有 include sites-enabled/*;
限速 /工作正常。如果对此页面的请求过多,我会收到错误 503。
问题:都不是 /email/subscribe , /api也不是 /api/test速度有限,我不知道为什么。它必须与 rewrite 做一些事情,但有什么问题呢?
有任何想法吗?我什么都试过了!

请注意:我更改了文件名和 URL 端点。

最佳答案

问题是nginx进程请求在几个phases和重写阶段在预访问之前(这是应用 limit_req 的地方)。所以在你的配置请求被重写为 /pages/...在他们有机会受到限制之前。为避免这种情况,您应该在重写后保持在相同的位置块(使用 break 标志)或使用 try_files 进行一些小技巧。 .
我更喜欢第一个选项,因此您的配置可能如下所示:

limit_req_zone $binary_remote_addr zone=myzone:10m rate=2r/m;

server {
listen 80;
server_name mysite.com;
root /var/www/vhosts/mysite.com;
error_log [..];
access_log [..];

include conf.d/php-fpm.conf;

location = / {
limit_req zone=myzone burst=3 nodelay;
index index.html;
}

location / {
try_files $uri =404;
}

location ^~ /pages {
include conf.d/php-fpm.conf;
internal;
}

location = /email {
rewrite ^(.*)$ /pages/email.html;
}

location = /email/subscribe {
limit_req zone=myzone burst=2 nodelay;
rewrite ^(.*)$ /pages/email.php?action=subscribe break;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}

location ~ /api {
limit_req zone=myzone burst=5 nodelay;
rewrite ^(.*)$ /pages/api.php break;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
如果你选择第二个选项,你的配置会更干净一点,但有点麻烦。我们将使用 try_files 的事实阶段在 limit_req 之后运行相和那 try_files使内部重定向到它的最后一个参数。
limit_req_zone $binary_remote_addr zone=myzone:10m rate=2r/m;

server {
listen 80;
server_name mysite.com;
root /var/www/vhosts/mysite.com;
error_log [..];
access_log [..];

include conf.d/php-fpm.conf;

location = / {
limit_req zone=myzone burst=3 nodelay;
index index.html;
}

location / {
try_files $uri =404;
}

location ^~ /pages {
include conf.d/php-fpm.conf;
internal;
}

location = /email {
rewrite ^(.*)$ /pages/email.html;
}

location = /email/subscribe {
limit_req zone=myzone burst=2 nodelay;
try_files SOME_NONEXISTENT_FILE /pages/email.php?action=subscribe;
}

location ~ /api {
limit_req zone=myzone burst=5 nodelay;
try_files SOME_NONEXISTENT_FILE /pages/api.php;
}
}

关于nginx limit_req 不起作用,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/28414201/

26 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com