Vesta Control Panel - Forum

Community Forum
https://forum.vestacp.com/

Limitting connection Per ip

https://forum.vestacp.com/viewtopic.php?t=11303

Page 1 of 2

Limitting connection Per ip

Posted: Fri Apr 29, 2016 8:34 am
by Hnaseri
Hi , I would like to limit the number of connections that each IP can make to my server.
How can i do this with vestacp?
Thanks

Re: Limitting connection Per ip

Posted: Fri Apr 29, 2016 1:35 pm
by skurudo
With nginx you can do it.

1. Make file /etc/nginx/conf.d/limits.conf ->

Code: Select all

nano /etc/nginx/conf.d/limits.conf
With content:

Code: Select all

limit_conn_zone $binary_remote_addr zone=pip:10m;
limit_req_zone $binary_remote_addr zone=prs:10m rate=1r/s;
2. In /home/user/conf/web/nginx.conf in server section

Code: Select all

limit_conn pip 3;
limit_conn_status 503;
limit_req zone=prs burst=35 nodelay;
3. restat nginx

Code: Select all

nginx -t
service nginx restart

Re: Limitting connection Per ip

Posted: Fri Apr 29, 2016 2:21 pm
by Hnaseri
skurudo wrote:With nginx you can do it.
[/code]
Thank you very much for your reply.
Lets say we have assigned n as the maximum number of connections. If an ip tries to make n+1 connections, does this code drops the extra connection? Or it simply blocks the entire n+1 connections?

Re: Limitting connection Per ip

Posted: Mon May 02, 2016 10:56 pm
by skurudo
Hnaseri wrote: Lets say we have assigned n as the maximum number of connections. If an ip tries to make n+1 connections, does this code drops the extra connection? Or it simply blocks the entire n+1 connections?
In this example nginx show status 503 (Service Unavailable), but you can drop connection via 444 status.
http://nginx.org/en/docs/http/ngx_http_ ... onn_status

This number is your "n"

Code: Select all

limit_conn pip 3;

Re: Limitting connection Per ip

Posted: Tue May 03, 2016 6:20 am
by violajsilver
Thank you very much for the post. I was exactly searching for the same thread.

Re: Limitting connection Per ip

Posted: Tue May 03, 2016 2:34 pm
by skurudo
violajsilver wrote:Thank you very much for the post. I was exactly searching for the same thread.
Sorry, hardly believe that.

Re: Limitting connection Per ip

Posted: Tue May 03, 2016 2:42 pm
by Hnaseri
skurudo wrote:
In this example nginx show status 503 (Service Unavailable), but you can drop connection via 444 status.
So you're saying that the following code will drop extra connections?

Code: Select all

limit_conn_status 444;

Re: Limitting connection Per ip

Posted: Tue May 03, 2016 2:47 pm
by skurudo
Hnaseri wrote: So you're saying that the following code will drop extra connections?

Code: Select all

limit_conn_status 444;
I'm and nginx documentation/examples ;-)

Re: Limitting connection Per ip

Posted: Tue May 03, 2016 2:50 pm
by skurudo
Stops processing and returns the specified code to a client. The non-standard code 444 closes a connection without sending a response header.
http://nginx.org/en/docs/http/ngx_http_ ... tml#return

Re: Limitting connection Per ip

Posted: Tue May 03, 2016 3:24 pm
by Hnaseri
skurudo wrote:
I'm and nginx documentation/examples ;-)
thank you very much for your reply.
please also advise me on this topic: http://forum.vestacp.com/viewtopic.php?f=10&t=11332
I am really eager to install vestacp and try these codes :)
thanks
All times are UTC
Page 1 of 2

Powered by phpBB® Forum Software © phpBB Limited