Hi. I am trying to replicate the functionality of mod_evasive on Apache,
which basically says that at the same point the same IP can have only “X
connections per second”.
I see the example here:
http://wiki.nginx.org/HttpLimitZoneModule
But this uses “binary_remote_addr”. How does this cater for shared IPs,
where people in the same network may actually have the same remote addr.
Can I therefore use some other variable, such as a combination of
“binary_remote_addr” and their “http_user_agent”?
What is the most often used value in production environments?
Thanks!
Posted at Nginx Forum: