Reverse proxy https->http and resource/connection protection

Hello nginx users,

Like to have one IP with reverse proxy (https->http) site,
using wildchard certificates (multiple virtual hosts on one IP and
using different upstreams for different subdomains.

Currently implemented in a testcase like:

location / {
       if ($http_host = ) {
        proxy_pass http://urla.domain;

       if ($http_host = ) {


and works fine (functional) not tested in production yet.

Using different upstreams i’m worried if one upstream fails or might get
overloaded in a terrible way (say urla), the other upstream (say urlb)
wil eventualy fail as wel, as nginx may use up all it’s resources for
the problem upstream.

For that i’d like to limit the max connections on a subdomain, and i’m
not seeing yet how to do that.
I can limit the complete server {} definition using limit_conn for
example, but that doesn’t exacly cover this case.

How would one do that? splitting the servers definition, and using up
extra IP’s ?

Thanks in advance,


Arjan Filius
mailto:[email protected]