Created
April 3, 2020 04:57
-
-
Save marcofbb/610300615b419d066efd7589cf0649a8 to your computer and use it in GitHub Desktop.
varnish limit rate request for seconds with cloudflare
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## ## Not complete default.vcl code | |
| # Install https://github.com/varnish/varnish-modules | |
| import vsthrottle; | |
| # If I want to implement limitation to any request (do not declare req.http.X-Actual-IP again in other subsequent subroutines) | |
| sub vcl_recv { | |
| # GET REAL IP USER from proxy CLOUDFLARE | |
| set req.http.X-Actual-IP = regsub(req.http.X-Forwarded-For, "[, ].*$", ""); | |
| if(vsthrottle.is_denied(req.http.X-Actual-IP, 50, 5s, 60s)) { | |
| # Client has exceeded 50 reqs per 5s. | |
| # When this happens, block altogether for the next 60s. | |
| return (synth(429, "Too Many Requests")); | |
| } | |
| } | |
| # If I want to implement limitation to requests that should be cached, but not found | |
| sub vcl_miss { | |
| # GET REAL IP USER from proxy CLOUDFLARE | |
| set req.http.X-Actual-IP = regsub(req.http.X-Forwarded-For, "[, ].*$", ""); | |
| if(vsthrottle.is_denied(req.http.X-Actual-IP, 50, 5s, 60s)) { | |
| # Client has exceeded 50 reqs per 5s. | |
| # When this happens, block altogether for the next 60s. | |
| return (synth(429, "Too Many Requests")); | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment