a
rate limit
plugin for caddy
Excessive requests will be terminated with an error 429 (Too Many Requests)! And X-RateLimit-RetryAfter
header will be returned.
For single resource:
ratelimit path rate burst unit
-
path is the file or directory to apply
rate limit
-
rate is the limited request in every time unit (r/s, r/m, r/h) (e.g. 1)
-
burst is the maximum burst size client can exceed; burst >= rate (e.g. 2)
-
unit is the time interval (currently support:
second
,minute
,hour
)
For multiple resources:
ratelimit rate burst unit {
whitelist CIDR
resources
}
- whitelist is the keyword for whitelisting your trusted ips, CIDR is the IP range you don't want to perform
rate limit
- resources is a list of files/directories to apply
rate limit
, one per line
Note: If you don't want to apply rate limit
on some special resources, add ^
in front of the path.
Limit clients to 2 requests per second (bursts of 3) to any resources in /r:
ratelimit /r 2 3 second
For the listed paths, don't perform rate limit
if requests come from 1.2.3.4 or 192.168.1.0/30(192.168.1.0 ~ 192.168.1.3), limit clients to 2 requests per minute (bursts of 2) and always ignore /dir/app.js
:
ratelimit 2 2 minute {
whitelist 1.2.3.4/32
whitelist 192.168.1.0/30
/foo.html
/dir
^/dir/app.js
}
docker pull xuqingfeng/caddy-rate-limit
docker run -d -p 2016:2016 -v `pwd`/Caddyfile:/go/src/github.com/xuqingfeng/caddy-rate-limit/Caddyfile --name ratelimit xuqingfeng/caddy-rate-limit
Inspired By
http://nginx.org/en/docs/http/ngx_http_limit_req_module.html