Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
Nginx - how to limit requests by User Agent
http {
map $http_user_agent $limit_bots {
default '';
~*(google|bing|yandex|msnbot) $binary_remote_addr;
limit_req_zone $limit_bots zone=bots:10m rate=1r/m;
server {
location / {
limit_req zone=bots burst=5 nodelay;
Copy link

lorenanicole commented Jul 24, 2014

This sounds promising for what I'm looking to do - it appears as if you will map the value of $limit_bots based on the value of the $http_user_agent. That is if the $http_user_agent is google, bing, yandex, or msnbot set the value of $limit_bots to be the binary of the IP address. What if, though, you want different rate limiting that takes into account both the IP address and the $http_user_agent?

Copy link

paktek123 commented Apr 29, 2016

One way of doing IP address and http_user_agent could be to put $binary_remote_addr and $http_user_agent into 1 variable for example " google" and use that as the key

hope this helps

Copy link

mike503 commented Sep 7, 2016

this is what I did, and it works. had to define a $geo_whitelist variable FIRST, and then reuse that variable in the map {} for user agent (as the default value)

# ref:
# whitelisted IP ranges - will not have limits applied
geo $geo_whitelist {
  default 0; 1; 1;

# whitelisted user agents - will not have limits applied
map $http_user_agent $whitelist {
  default $geo_whitelist;
  ~*(google) 1;

# if whitelist is 0, put the binary IP address in $limit so the rate limiting has something to use
map $whitelist $limit {
  0 $binary_remote_addr;
  1 "";

limit_req_zone $limit zone=perip:30m rate=1r/s;

Copy link

Creepxz commented Jul 17, 2019

thanks mike503 this help a lot :D

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment