I have this simple Nginx configuration:
```nginx
# Redirect the bare domain to the www host
server {
    listen 80;
    server_name example.com;
    rewrite ^(.*) http://www.example.com$1 permanent;
}

server {
    listen 80;
    server_name www.example.com;

    access_log /var/log/nginx/www.example.com.access.log;
    error_log /var/log/nginx/www.example.com.error.log;

    root /var/www/example.com/;

    location / {
        index index.html index.php;
    }

    # Hand PHP scripts to the FastCGI backend
    location ~ \.php$ {
        include /etc/nginx/fastcgi_params;
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME /var/www/example.com/$fastcgi_script_name;
    }
}
```

It is time to prevent flooding (DoS) attacks. I would like to implement these two rules:
1) I would block more than 3 requests per second for PHP requests.
example:
www.example.com/page.php
www.example.com/page.php
www.example.com/page.php
www.example.com/page.php (block it if it is within the second)

2) I would block more than 3 requests per second for the same resource.

www.example.com/img.jpg
www.example.com/img.jpg
www.example.com/img.jpg
www.example.com/img.jpg (block it if it is within the second)

My goal is to completely block the requests. I say that because I saw that the nodelay param returns 503 to attackers. In this case, if the limit is reached I surely know that it's an attack, so I want to block the response. By "block" I mean that I do not want to send a 503 message; I want NGINX to drop the connection without sending anything.
How can I optimize this configuration to implement these rules?
Thank you.
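
One way to express the two rules above with nginx's `limit_req` module, as an added example that is not part of the original post. The zone names (`php_per_ip`, `per_ip_uri`) and the 10m zone sizes are assumptions; it also assumes an nginx version that has `limit_req_status` (1.3.15 or later) and accepts several variables in a `limit_req_zone` key (1.7.6 or later).

```nginx
# Added example. These two lines belong in the http {} context.
# Rule 1: PHP requests, counted per client address.
limit_req_zone $binary_remote_addr zone=php_per_ip:10m rate=3r/s;
# Rule 2: the same resource, counted per client address + normalized URI.
# Each distinct (address, URI) pair takes a slot, so this zone fills
# faster than the per-address one; size it accordingly.
limit_req_zone $binary_remote_addr$uri zone=per_ip_uri:10m rate=3r/s;

server {
    listen 80;
    server_name www.example.com;

    access_log /var/log/nginx/www.example.com.access.log;
    error_log /var/log/nginx/www.example.com.error.log;

    root /var/www/example.com/;

    # 444 is nginx's special code: close the connection, send no response.
    # Without this directive a rejected request gets the default 503.
    limit_req_status 444;
    # Rejections are written to error_log at this level.
    limit_req_log_level warn;

    location / {
        index index.html index.php;
        # rate=3r/s alone admits one request every ~333 ms. burst=2 with
        # nodelay lets 3 arrive back to back; the 4th is rejected.
        limit_req zone=per_ip_uri burst=2 nodelay;
    }

    location ~ \.php$ {
        # limit_req from "location /" does not apply here: this is a
        # separate location. The per-address PHP limit is the stricter of
        # the two rules for PHP, so it also covers "same resource".
        limit_req zone=php_per_ip burst=2 nodelay;

        include /etc/nginx/fastcgi_params;
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME /var/www/example.com/$fastcgi_script_name;
    }
}
```

Clients behind a shared NAT or proxy present a single `$binary_remote_addr`, and a page that loads several PHP endpoints at once can exceed 3 requests per second legitimately, so check the `limit_req` entries in the error log before treating every rejection as an attack.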