Is Nginx the right recoil limit?

A

Alexander2020-03-03 10:05:12

Nginx

Alexander, 2020-03-03 10:05:12

There is a lot of information on the Internet about the upload speed limit, but
1. I don’t want to use the nginx_limit_speed_module module , because I don’t want to rebuild nginx to update every time.
2. Use limit_rate or set $limit_rate is obtained only within the framework of the server or http directive. In general, it turns out to limit the speed either on the entire server or on the entire domain.
3. According to the documentation, set $limit_rate should limit not within 1 request, but within the entire client. In any case, it doesn't work either.

I need to use it in the location directive, for example here location /soft/as below... but this infection doesn't want to work, why? What did I do wrong?

NGINX version 1.16.1
Tried both just limit_rate and set $limit_rate

server {
  listen 80;
  server_name www.ustim.ru ustim.ru;
  charset UTF-8;

        root /var/www/ustim.ru/htdocs/;
        include /etc/nginx/templates/php-fpm7.3.conf;
        index index.html index.htm index.php;

        location /app.php {
                try_files $uri $uri/ /app.php?$query_string;
        }
        location /install/app.php {
                try_files $uri $uri/ /install/app.php?$query_string;
        }
        location / {
            try_files $uri $uri/ /index.php?$args;
        }

#Доступ к папке /soft (без пароля)
   location /soft/ {
        alias /mnt/fs-soft/;
        autoindex on;
        autoindex_exact_size off;
        autoindex_localtime on;
        dav_access user:rw group:rw all:rw;
        dav_methods PUT DELETE MKCOL COPY MOVE;
        create_full_put_path on;
        set $limit_rate 200K;
   }
        access_log /var/log/nginx/ustim.ru_access.log;
        error_log /var/log/nginx/ustim.ru_error.log;

        listen 443 ssl; # managed by Certbot
        ssl_certificate /etc/letsencrypt/live/ustim.ru/fullchain.pem; # managed by Certbot
        ssl_certificate_key /etc/letsencrypt/live/ustim.ru/privkey.pem; # managed by Certbot
        ssl_session_cache shared:le_nginx_SSL:1m; # managed by Certbot
        ssl_session_timeout 1440m; # managed by Certbot

        ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # managed by Certbot
        ssl_prefer_server_ciphers on; # managed by Certbot

        ssl_ciphers "ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-ECDSA-AE$

    if ($scheme != "https") {
        return 301 https://$host$request_uri;
    } # managed by Certbot
}

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

V

Vadim Priluzkiy, 2020-03-03
@Oxyd

Maybe it's all about...

The limit is set per request, so if the client opens two connections at the same time, the total speed will be twice as high as the specified limit.

And that's what it says about the variable...

The rate limit can also be set in the $limit_rate variable, but since 1.17.0 this method is deprecated

K

ky0, 2020-03-03
@ky0

I don't want to use the nginx_limit_speed_module module, because I don't want to rebuild nginx every time to update it.

SSZB. Welcome to the wonderful world of open source, where picking up a package by hand is not something scary and happens regularly.