A rate limit plugin for Caddy
Requests that exceed the limit are terminated with a 429 (Too Many Requests) error, and an X-RateLimit-RetryAfter header is returned.
For single resource:
ratelimit methods path rate burst unit
- methods are the request methods it will match (comma-separated)
- path is the file or directory to apply rate limit to
- rate is the number of requests allowed per time unit (r/s, r/m, r/h, r/d, r/w) (e.g. 1)
- burst is the maximum burst size a client can exceed; burst >= rate (e.g. 2)
- unit is the time interval (currently supported: second, minute, hour, day, week)
For multiple resources:
ratelimit methods rate burst unit {
    whitelist CIDR
    resources
}
- whitelist is the keyword for whitelisting your trusted IPs; CIDR is the IP range you don't want to rate limit. whitelist is a general rule; it does not target a specific resource.
- resources is a list of files/directories to apply rate limit to, one per line
Note: If you don't want to apply rate limit on some special resources, add ^ in front of the path.
Limit clients to 2 requests per second (bursts of 3) for any method and any resource under /r:
ratelimit * /r 2 3 second
Don't perform rate limit if requests come from 1.2.3.4 or 192.168.1.0/30 (192.168.1.0 ~ 192.168.1.3). For the listed paths, limit clients to 2 requests per minute (bursts of 2) if the request method is GET or POST, and always ignore /dist/app.js:
ratelimit get,post 2 2 minute {
    whitelist 1.2.3.4/32
    whitelist 192.168.1.0/30
    /foo.html
    /api
    ^/dist/app.js
}
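The matching rules of the block example above, written out as an added Go example that is not the plugin's own code. It shows which requests would be counted against the limit. The Rule type, SampleRule and Limited are hypothetical names, and matching paths by prefix is an assumption of this sketch.

```go
package main

import (
	"fmt"
	"net"
	"strings"
)

// Rule is an illustrative model of the block form; it is not the plugin's type.
type Rule struct {
	Methods   []string     // request methods, or "*" for any
	Whitelist []*net.IPNet // trusted ranges, never limited
	Paths     []string     // resources; a leading ^ marks an exemption
}

// SampleRule builds the block example from the README above.
func SampleRule() Rule {
	r := Rule{Methods: []string{"get", "post"},
		Paths: []string{"/foo.html", "/api", "^/dist/app.js"}}
	for _, c := range []string{"1.2.3.4/32", "192.168.1.0/30"} {
		_, n, _ := net.ParseCIDR(c) // the constants above are valid CIDRs
		r.Whitelist = append(r.Whitelist, n)
	}
	return r
}

// Limited reports whether a request would be counted against the limit.
// An unparseable client address is never treated as whitelisted.
func (r Rule) Limited(method, path, clientIP string) bool {
	ip := net.ParseIP(clientIP)
	for _, n := range r.Whitelist {
		if ip != nil && n.Contains(ip) {
			return false // whitelist is general: it applies to every resource
		}
	}
	methodOK, listed := false, false
	for _, m := range r.Methods {
		methodOK = methodOK || m == "*" || strings.EqualFold(m, method)
	}
	for _, p := range r.Paths {
		if strings.HasPrefix(p, "^") && strings.HasPrefix(path, p[1:]) {
			return false // exempted resource (assumed prefix match)
		}
		listed = listed || (!strings.HasPrefix(p, "^") && strings.HasPrefix(path, p))
	}
	return methodOK && listed
}

func main() { fmt.Println(SampleRule().Limited("GET", "/api/users", "192.168.1.4")) }
```

192.168.1.4 is the first address outside 192.168.1.0/30, so it is limited while 192.168.1.3 is not.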
curl https://getcaddy.com | bash -s personal http.ratelimit
docker run -d -p 2016:2016 -v `pwd`/Caddyfile:/go/src/github.com/xuqingfeng/caddy-rate-limit/Caddyfile --name ratelimit xuqingfeng/caddy-rate-limit
Inspired by http://nginx.org/en/docs/http/ngx_http_limit_req_module.html