Commit
Merge pull request #2230 from bookwyrm-social/nginx-rate-limit
Adds rate limiting to some views in nginx
mouse-reeve authored Jul 28, 2022
2 parents ed20587 + e1e6a2d commit 7bbe42f
Showing 3 changed files with 19 additions and 0 deletions.
9 changes: 9 additions & 0 deletions nginx/development
@@ -7,6 +7,15 @@ upstream web {
server {
listen 80;

location ~ ^/(login|password-reset|resend-link) {
limit_req zone=loginlimit;

proxy_pass http://web;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_redirect off;
}

location / {
proxy_pass http://web;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
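Review bot: `limit_req zone=loginlimit;` in the new `location ~ ^/(login|password-reset|resend-link)` block carries no `burst` parameter, so with the zone's 1r/s rate a second request from the same address inside one second is rejected outright (nginx answers 503 by default), which will catch legitimate users who load the login page and submit the form straight away. Suggest `limit_req zone=loginlimit burst=5 nodelay;` together with `limit_req_status 429;` so throttled clients are distinguishable from a backend outage in the access log. Note also that the regex only anchors the start of the path, so GET requests that merely render these pages consume the same budget as POST submissions; if the goal is to slow down credential guessing, keying the zone on a `map` of `$request_method` (empty key for anything but POST, `$binary_remote_addr` for POST) restricts the limit to submissions, since nginx does not account requests with an empty key.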
9 changes: 9 additions & 0 deletions nginx/production
@@ -41,6 +41,15 @@ server {
# root /var/www/certbot;
# }
#
# location ~ ^/(login|password-reset|resend-link) {
# limit_req zone=loginlimit;
#
# proxy_pass http://web;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_set_header Host $host;
# proxy_redirect off;
# }
#
# location / {
# proxy_pass http://web;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
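Review bot: the added block is commented out like the surrounding lines of nginx/production (`# location ~ ^/(login|password-reset|resend-link) {` through `# }`), so a production deployment gets no rate limiting on these paths until an operator uncomments it by hand along with the rest of the template. That deserves an explicit mention in the deployment docs or the commit message, since "Adds rate limiting" reads as if the limit were active on merge; the uncommented copy also has to live in the same `server` block that does `proxy_pass http://web;`, otherwise the regex location never matches the proxied traffic.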
1 change: 1 addition & 0 deletions nginx/server_config
@@ -1 +1,2 @@
client_max_body_size 10m;
limit_req_zone $binary_remote_addr zone=loginlimit:10m rate=1r/s;
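Review bot: `limit_req_zone $binary_remote_addr zone=loginlimit:10m rate=1r/s;` keys the bucket on the TCP peer address, so when nginx sits behind another proxy, load balancer or CDN every user arrives from that proxy's address and shares a single 1r/s budget, and one noisy client can lock everyone else out of /login; the `X-Forwarded-For` header that the location blocks forward to the app is not consulted for limiting. If that topology is supported, document enabling the real_ip module (`set_real_ip_from` for the trusted proxy's addresses plus `real_ip_header X-Forwarded-For;`) so `$binary_remote_addr` reflects the end client; without the `set_real_ip_from` restriction the header is client-controlled and a client could choose its own bucket. A one-line comment above the directive stating why 10m and 1r/s were chosen would also help, as this file is otherwise a single setting.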

2 comments on commit 7bbe42f

@AkshayraviC09YC47

@mouse-reeve maintainer, please confirm: are you happy to assign a CVE for this? Only then can the hunter.dev admin move further.

@danamurthy

Thank you.
