Learn about Centmin Mod LEMP Stack today
Become a Member

Nginx limit connections & csf

Discussion in 'Nginx, PHP-FPM & MariaDB MySQL' started by hitman, Jul 21, 2014.

  1. hitman

    hitman Member

    126
    11
    18
    Jul 18, 2014
    Ratings:
    +15
    Local Time:
    8:10 PM
    hallo
    1. i would like some help on what needs to be done in order to enable the connection limit to 16 per IP the comment must be removed from the domain.com.conf and what needs to be done in the nginx.conf???
    2. and,about RESTRICT_SYSLOG what do you recommend to do?Leave it in option 3(as here)?Will it cause any problems in the future?please advice !
    thank you

     
  2. eva2000

    eva2000 Administrator Staff Member

    54,107
    12,179
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,738
    Local Time:
    4:10 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    as the nginx.conf comments suggest uncomment the relevant line http://nginx.org/en/docs/http/ngx_http_limit_conn_module.html#limit_conn_zone

    from
    Code:
    ## limit number of concurrency connections per ip to 16
    ## add to your server {} section the next line
    ## limit_conn limit_per_ip 16;
    ## uncomment below line allows 500K sessions
    # limit_conn_log_level error;
    #######################################
    # use limit_zone for Nginx <v1.1.7 and lower
    # limit_zone $binary_remote_addr zone=limit_per_ip:16m;
    #######################################
    # use limit_conn_zone for Nginx >v1.1.8 and higher
    # limit_conn_zone $binary_remote_addr zone=limit_per_ip:16m;
    #######################################
    to
    Code:
    ## limit number of concurrency connections per ip to 16
    ## add to your server {} section the next line
    ## limit_conn limit_per_ip 16;
    ## uncomment below line allows 500K sessions
    # limit_conn_log_level error;
    #######################################
    # use limit_zone for Nginx <v1.1.7 and lower
    # limit_zone $binary_remote_addr zone=limit_per_ip:16m;
    #######################################
    # use limit_conn_zone for Nginx >v1.1.8 and higher
    limit_conn_zone $binary_remote_addr zone=limit_per_ip:16m;
    #######################################
    As to CSF that RESTRICT_SYSLOG option is mainly intended for shared hosting environments. As Centmin Mod is not intended for share hosting (FAQ 2 at http://centminmod.com/faq.html), it doesn't apply as oneself would be the only one accessing the server via SSH. So leaving RESTRICT_SYSLOG=0 and living with the *WARNING* RESTRICT_SYSLOG is disabled. message is fine.