Join the community today
Become a Member

Nginx layer-7 ddos nginx config?

Discussion in 'Nginx, PHP-FPM & MariaDB MySQL' started by Oxide, Apr 25, 2015.

Tags:
  1. Oxide

    Oxide Active Member

    503
    29
    28
    Mar 19, 2015
    Ratings:
    +54
    Local Time:
    1:51 PM
    hey guys

    how can i set up r/s limit for PHP documents properly?

    from what i know have to use fast cgi for php..

    limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s;
    limit_req zone=one burst=1 nodelay;

    i use this now but it works everywhere, not only php and for some reason in the error logs it keep limiting each request i make lol
     
  2. Oxide

    Oxide Active Member

    503
    29
    28
    Mar 19, 2015
    Ratings:
    +54
    Local Time:
    1:51 PM
    now, i dont think i even use fastcgi but how would i do it?

    it keeps downloading the page when i try

    location ~ \.php$ {
     
  3. Oxide

    Oxide Active Member

    503
    29
    28
    Mar 19, 2015
    Ratings:
    +54
    Local Time:
    1:51 PM
    location ~*(\.php)$ {
    limit_req zone=one burst=5;
    }

    keeps downloading the entire php page lol D: same with others i tried..
     
  4. Oxide

    Oxide Active Member

    503
    29
    28
    Mar 19, 2015
    Ratings:
    +54
    Local Time:
    1:51 PM
    i had to add it to php.conf :D got it working yay
     
    • Like Like x 1
  5. eva2000

    eva2000 Administrator Staff Member

    30,152
    6,782
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,133
    Local Time:
    1:51 PM
    Nginx 1.13.x
    MariaDB 5.5
  6. Oxide

    Oxide Active Member

    503
    29
    28
    Mar 19, 2015
    Ratings:
    +54
    Local Time:
    1:51 PM
    I'm using request limit, however in order to use fail2ban with CloudFlare. I need to use their api, which i am completly fine with.

    Anyone here able to help me out setting it up for some small cash?

    actionban = curl -s "https://www.cloudflare.com/api.html?a=ban&key=<ip>&u=<account>&tkn=<token>"
    actionunban = curl -s "https://www.cloudflare.com/api.html?a=nul&key=<ip>&u=<account>&tkn=<token>"

    For request limit.

    This works PERFECTLY, with IP Tables. However with CloudFlare, nope:
    Survive DDOS attack with Nginx's and fail2ban

    I want to use this, with these two commands to ban and unban.