Image

Knowledge base → Nginx protection from flood attacks

[Virtual servers]
Date of publication: 27.01.2023

Setting up nginx can significantly reduce the load and protect the site from unwanted bots.

Let's set a limit of 250 connections per second from one IP address

http section:

limit_conn_zone $binary_remote_addr zone=addr:10m;
limit_conn_zone $server_name zone=servers:10m;
limit_req_zone $binary_remote_addr zone=one:10m rate=250r/s;

Server section:

location/{

limit_req zone=one;

}

Protection against channel capacity exhaustion.

This rule, after downloading the first 10 megabytes, will reduce the download speed to 512 kb/s for this client (ip).

http section:

limit_rate_after 10240k;
limit_rate 512K;

You can also limit channel bandwidth in the ddos deflate settings.





No Comments Yet