请教httpd 如何限制每个url 访问频率
请教httpd 如何限制每个url 访问频率?如 /ab/cd?223344 这个url ,要限制每1分钟只能请求3次(不分IP),如何实现?谢谢! mod_security可以做到
## 达到阀值,侧封锁对象若干时长
SecRequestBodyAccess On
SecRuleEngine On
SecStatusEngine On
SecDataDir /tmp/modsecurity
SecAuditEngine RelevantOnly
SecAuditLogRelevantStatus ^5
SecAuditLogParts ABIFHZ
SecAuditLogType Serial
SecAuditLog /var/log/httpd/modsec_audit.log
SecAction "phase:1,nolog,pass,initcol:ip=%{REQUEST_URI},id:1002"
SecRule IP:REQUEST_COUNT "@ge 5""phase:1,pass,nolog,skip:1,id:1003 setvar:ip.blocked=1,expirevar:ip.blocked=60"
SecAction "phase:1,pass,setvar:ip.request_count=+1,id:1004,expirevar:ip.request_count=60"
SecRule IP:BLOCKED "@eq 1""phase:1,pause:1000,deny,log,status:509,setenv:RATELIMITED,skip:1,id:1005"
Header always set Retry-After "10" env=RATELIMITED
ErrorDocument 509 "Rate Limit Exceeded"
页:
[1]