04 nginx http模块
connection 和 request
limit_conn 模块:
基本语法:
常用指令:
1,limit_conn_zone :
定义共享内存,10m 是10兆:
2,limit_conn_status :
当客户端被限速的时候,nginx 会返回这个状态码,
3,limit_conn_level :
当限制行为发生的时候,记录日志的等级,
4,limit_conn :
案例:根据客户端的ip 去限速(每个客户端不能超过两个连接):
user nginx nginx; worker_processes auto; events { worker_connections 15000; accept_mutex on; accept_mutex_delay 100ms; multi_accept on; } http { include mime.types; default_type application/octet-stream; sendfile on; keepalive_timeout 65; limit_conn_zone $binary_remote_addr zone=limit_addr:10m; server { listen 80; server_name www.paixiaosen.xyz; location / { root html/server1; index index.html index.htm; limit_conn_status 503; limit_conn_log_level warn; limit_conn limit_addr 2; limit_rate 50;#服务器返回给客户端的速率 主要是为了演示 } } server { listen 80; server_name www.666kaoyan.com; location / { root html/server2; index index.html index.htm; } } }
limit_req 模块:
limit_request
常用指令:
1,limit_req_zone
定义共享内存
2r/m : 每分钟2个请求【是严格的平均限制】,(注: 它是第一秒时,处理请求,过了30s 后,处理第二个请求。平均)
2,limit_req_status
3,limit_req_log_level
4,limit_req
burst 是定义前面leaky_bucket 的桶的大小,
user nginx nginx; worker_processes auto; events { worker_connections 15000; accept_mutex on; accept_mutex_delay 100ms; multi_accept on; } http { include mime.types; default_type application/octet-stream; sendfile on; keepalive_timeout 65; limit_req_zone $binary_remote_addr zone=limit_req:15m rate=2r/m; server { listen 80; server_name www.paixiaosen.xyz; location / { root html/server1; index index.html index.htm; error_log logs/limit.log info; limit_req_status 504; limit_req_log_level notice; limit_req zone=limit_req; #limit_req zone=limit burst 7 nodelay; } } server { listen 80; server_name www.666kaoyan.com; location / { root html/server2; index index.html index.htm; } } }
参看: https://blog.csdn.net/hellow__world/article/details/78658041
access 模块:
限制特定ip 或 网段访问,