Hello. Can you tell me how to set limits?
nano /etc/nginx/nginx.conf
http {
...
# Limit
limit_zone slimits $binary_remote_addr 5m;
limit_conn slimits 3;
# Limit per single IP
limit_conn_zone $binary_remote_addr zone=perip:10m;
# Limit per server IP
limit_conn_zone $server_name zone=perserver:10m;
# (1)
limit_req_zone $request_uri zone=one:10m rate=30r/m;
# (2)
limit_req_zone $binary_remote_addr zone=two:10m rate=5r/s;
# (3)
limit_req_zone $limit_key zone=three:10m rate=30r/m;
nano /usr/local/hestia/data/templates/web/nginx/default-custom.tpl
location / {
...
# Limit per single IP
limit_conn perip 3;
# Limit per server IP
limit_conn perserver 100;
# (1)
limit_req zone=one burst=5 nodelay;
# (2)
limit_req zone=two burst=5 nodelay;
# (3)
limit_req zone=three burst=5 nodelay;
check
nginx -t
systemctl reload nginx
Result
Nginx not working
Tried different combinations and more lightweight (simple) nothing works. Please tell me how to properly set the limits in the custom nginx config. Does anyone have a working version? I have a powerful server, but sometimes there are bursts of activity (DDos) from compromised servers and I need to adjust the limits. Then the site may be offline for several hours with a 500 error until I restart the Hestia-CP. If there are any other solutions, I would be grateful.
It would be nice if the standard nginx config already had basic restrictions. For example, it is logical for an ordinary user that they do not need to send 1000 requests per second.