nginx.conf
limit_conn_zone $binary_remote_addr zone=conn_limit_per_ip:10m; limit_req_zone $binary_remote_addr zone=req_limit_per_ip:10m rate=1r/s; geo $white_ip { ranges; default 0; 60.126.39.182-60.126.39.184 1; 58.112.221.179-58.112.221.190 1; 141.130.163.153-141.130.163.154 1; } limit_req_whitelist geo_var_name=white_ip geo_var_value=1; limit_req_zone $binary_remote_addr zone=white_ip:100m rate=1r/s; include /usr/local/webserver/nginx/conf/vhosts/*.conf; }
vhosts(控制下面几个php文件)
location ~*^/(home|forum|portal|forum|forumdisplay|index).php$ { root /htdoc/bbs.123.com/wwwroot; #limit_conn conn_limit_per_ip 2; limit_req zone=white_ip burst=3 nodelay; limit_req_whitelist geo_var_name=white_ip geo_var_value=1; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; include fcgi.conf; }
location ~ ^/html/ { //控制这个目录下面的文件 limit_req zone=white_ip burst=4 nodelay; limit_req_whitelist geo_var_name=white_ip geo_var_value=1; }
白名单功能和limit_conn_zone和limit_conn模块冲突(感谢淘叔度指点)
白名单内的ip不受limit限制。
转载请注明:有客帮 » Tengine 限制连接数和白名单功能