Skip to content
Permalink
Browse files
Merge pull request #2230 from bookwyrm-social/nginx-rate-limit
Adds rate limiting to some views in nginx
  • Loading branch information
mouse-reeve committed Jul 28, 2022
2 parents ed20587 + e1e6a2d commit 7bbe42fb30a79a26115524d18b697d895563c92f
Show file tree
Hide file tree
Showing 3 changed files with 19 additions and 0 deletions.
@@ -7,6 +7,15 @@ upstream web {
server {
listen 80;

location ~ ^/(login|password-reset|resend-link) {
limit_req zone=loginlimit;

proxy_pass http://web;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_redirect off;
}

location / {
proxy_pass http://web;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
@@ -41,6 +41,15 @@ server {
# root /var/www/certbot;
# }
#
# location ~ ^/(login|password-reset|resend-link) {
# limit_req zone=loginlimit;
#
# proxy_pass http://web;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_set_header Host $host;
# proxy_redirect off;
# }
#
# location / {
# proxy_pass http://web;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
@@ -1 +1,2 @@
client_max_body_size 10m;
limit_req_zone $binary_remote_addr zone=loginlimit:10m rate=1r/s;

2 comments on commit 7bbe42f

@AkshayraviC09YC47
Copy link

@AkshayraviC09YC47 AkshayraviC09YC47 commented on 7bbe42f Aug 1, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@mouse-reeve maintainer pls confirm are you happy to assign a CVE for this, then only hunter.dev admin can move further

@danamurthy
Copy link

@danamurthy danamurthy commented on 7bbe42f Sep 23, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank You

Please sign in to comment.