Inaccurate Rate Limiting

I had been experiencing an issue with Rate Limiting:

Set BLOCK for 5 requests per 10 sec. But each IP that triggered the rule was hitting our nginx more than 20 times per second. And the same IP was still hitting after 10 seconds; overall, an IP made about more than 100 requests within 10 seconds. Instead, the URL, Method and HTTP Response Header in the access log exactly match the Rate Limit rule.

Does anyone have this experience?

Also, I have a question. Between total requests and per “x” seconds, which would take the action first?

Anyone? At least the question above is important to me to prepare my filtering. Thanks.

Either the request is going direct to origin or the rate limiting rule doesn’t match or the rule isn’t set to block or something else… but given the information provided it is not possible to provide a definitive answer.

Not sure I understand. If there were more than 5 requests in a 10 second period subsequent requests are blocked.
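One way to measure, from the origin side, how many requests per client arrived beyond the 5-per-10-seconds rule discussed in this thread. This is an added example, not code from any poster or from the rate-limiting product. It assumes nginx's default "combined" access-log format and a sliding 10-second window, which is an assumption and not the product's documented counting method; the log lines are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

LIMIT = 5      # requests allowed per window (the rule described in the thread)
WINDOW = 10    # window length in seconds

# Assumption: nginx default "combined" log format.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)[^"]*" (\d{3}) ')

def parse(line):
    """Return (ip, timestamp, method, path, status), or None if the line does not match."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ip, ts, method, path, status = m.groups()
    return ip, datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z"), method, path, int(status)

def over_limit(lines, method=None, path=None):
    """Per IP: (matching requests seen, requests that arrived past LIMIT within WINDOW)."""
    recent = defaultdict(deque)            # per-IP timestamps still inside the window
    stats = defaultdict(lambda: [0, 0])
    for ip, when, m, p, _status in filter(None, map(parse, lines)):
        if (method and m != method) or (path and p != path):
            continue                       # request is outside the rule's scope
        q = recent[ip]
        while q and (when - q[0]).total_seconds() >= WINDOW:
            q.popleft()                    # drop requests older than the window
        q.append(when)
        stats[ip][0] += 1
        if len(q) > LIMIT:                 # this request should have been blocked upstream
            stats[ip][1] += 1
    return {ip: tuple(v) for ip, v in stats.items()}

def sample_log():
    """Constructed access-log lines: one busy client and one quiet client."""
    fmt = '{ip} - - [10/Oct/2023:13:55:{s:02d} +0000] "POST /login HTTP/1.1" 200 512 "-" "curl/8.0"'
    busy = [fmt.format(ip="203.0.113.7", s=i // 4) for i in range(40)]  # 4 req/s for 10 s
    quiet = [fmt.format(ip="198.51.100.9", s=s) for s in (0, 20, 40)]
    return busy + quiet

if __name__ == "__main__":
    for ip, (total, excess) in over_limit(sample_log(), "POST", "/login").items():
        print(f"{ip}: {total} requests, {excess} past {LIMIT}/{WINDOW}s")
```

A large "past limit" count at the origin for requests that match the rule's URL and method means those requests reached nginx without being blocked, which is the situation the first reply lists possible causes for.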

