{"id":18019,"date":"2024-11-18T15:50:17","date_gmt":"2024-11-18T07:50:17","guid":{"rendered":"https:\/\/fwq.ai\/blog\/18019\/"},"modified":"2024-11-18T15:50:17","modified_gmt":"2024-11-18T07:50:17","slug":"nginx%e9%99%90%e6%b5%81%e6%80%8e%e4%b9%88%e8%a7%a3%e5%86%b3","status":"publish","type":"post","link":"https:\/\/fwq.ai\/blog\/18019\/","title":{"rendered":"nginx\u9650\u6d41\u600e\u4e48\u89e3\u51b3"},"content":{"rendered":"<blockquote><p>\n  nginx \u9650\u6d41\u95ee\u9898\u53ef\u901a\u8fc7\u4ee5\u4e0b\u65b9\u6cd5\u89e3\u51b3\uff1a\u4f7f\u7528 ngx_http_limit_req_module \u9650\u5236\u8bf7\u6c42\u6b21\u6570\uff1b\u4f7f\u7528 ngx_http_limit_conn_module \u9650\u5236\u8fde\u63a5\u6570\uff1b\u4f7f\u7528\u7b2c\u4e09\u65b9\u6a21\u5757\uff08ngx_http_limit_connections_module\u3001ngx_http_limit_rate_module\u3001ngx_http_access_module\uff09\u5b9e\u73b0\u66f4\u591a\u9650\u6d41\u7b56\u7565\uff1b\u4f7f\u7528\u4e91\u670d\u52a1\uff08cloudflare\u3001google cloud rate limiting\u3001aws waf\uff09\u8fdb\u884c dd\n<\/p><\/blockquote>\n<p><img decoding=\"async\" src=\"https:\/\/img.php.cn\/upload\/article\/202405\/27\/2024052718303298371.jpg\" class=\"aligncenter\" title=\"nginx\u9650\u6d41\u600e\u4e48\u89e3\u51b3\u63d2\u56fe\" alt=\"nginx\u9650\u6d41\u600e\u4e48\u89e3\u51b3\u63d2\u56fe\" \/><\/p>\n<p><strong>Nginx \u9650\u6d41\u89e3\u51b3\u65b9\u6848<\/strong><\/p>\n<p><strong>\u95ee\u9898\uff1a\u5982\u4f55\u89e3\u51b3 Nginx \u9650\u6d41\u95ee\u9898\uff1f<\/strong><\/p>\n<p><strong>\u89e3\u51b3\u65b9\u6848\uff1a<\/strong><\/p>\n<p><strong>1. \u4f7f\u7528ngx_http_limit_req_module\u6a21\u5757<\/strong><\/p>\n<pre># \u9650\u5236\u6bcf\u4e2a\u5ba2\u6237\u7aef\u6bcf\u79d2\u7684\u8bf7\u6c42\u6b21\u6570\nlimit_req_zone $binary_remote_addr zone=one:10m rate=1r\/s;\n\n# \u5e94\u7528\u9650\u6d41\u89c4\u5219\nserver {\n    # ...\n    location \/ {\n        limit_req zone=one;\n    }\n}<\/pre>\n<p> \u767b\u5f55\u540e\u590d\u5236 <\/p>\n<p><strong>2. \u4f7f\u7528 ngx_http_limit_conn_module\u6a21\u5757<\/strong><\/p>\n<pre># \u9650\u5236\u6bcf\u4e2a\u5ba2\u6237\u7aef\u7684\u540c\u65f6\u8fde\u63a5\u6570\nlimit_conn_zone $binary_remote_addr zone=one:10m;\n\n# \u5e94\u7528\u9650\u6d41\u89c4\u5219\nserver {\n    # ...\n    location \/ {\n        limit_conn zone=one;\n    }\n}<\/pre>\n<p> \u767b\u5f55\u540e\u590d\u5236 <\/p>\n<p><strong>3. \u4f7f\u7528\u7b2c\u4e09\u65b9\u6a21\u5757<\/strong><\/p>\n<ul>\n<li> <strong>ngx_http_limit_connections_module:<\/strong> \u9650\u5236\u6bcf\u4e2a\u5ba2\u6237\u7aef\u7684\u603b\u8fde\u63a5\u6570<\/li>\n<li> <strong>ngx_http_limit_rate_module:<\/strong> \u9650\u5236\u6bcf\u4e2a\u5ba2\u6237\u7aef\u7684\u8bf7\u6c42\u901f\u7387<\/li>\n<li> <strong>ngx_http__module:<\/strong> \u6839\u636e\u5ba2\u6237\u7aef IP \u6216\u5176\u4ed6\u6761\u4ef6\u62d2\u7edd\u8bf7\u6c42<\/li>\n<\/ul>\n<p><strong>4. \u4f7f\u7528\u4e91\u670d\u52a1<\/strong><\/p>\n<ul>\n<li> <strong>Cloudflare:<\/strong> \u63d0\u4f9b DDoS \u9632\u62a4\u548c\u9650\u6d41\u670d\u52a1<\/li>\n<li> <strong>Google Cloud Rate Limiting:<\/strong> \u63d0\u4f9b\u57fa\u4e8e\u8eab\u4efd\u9a8c\u8bc1\u7684 API \u9650\u6d41<\/li>\n<li> <strong>AWS WAF:<\/strong> \u63d0\u4f9b\u57fa\u4e8e\u533a\u57df\u548c\u901f\u7387\u7684 Web \u5e94\u7528\u7a0b\u5e8f\u9632\u706b\u5899<\/li>\n<\/ul>\n<p><strong>5. \u4ee3\u7801\u5c42\u9650\u6d41<\/strong><\/p>\n<p>\u5728\u5e94\u7528\u7a0b\u5e8f\u4ee3\u7801\u4e2d\u5b9e\u65bd\u81ea\u5df1\u7684\u9650\u6d41\u673a\u5236\uff0c\u4f8b\u5982\u4f7f\u7528\u4ee4\u724c\u6876\u7b97\u6cd5\u6216\u6ed1\u52a8\u7a97\u53e3\u3002<\/p>\n<p><strong>\u6ce8\u610f\uff1a<\/strong><\/p>\n<ul>\n<li>\u9009\u62e9\u9002\u5f53\u7684\u9650\u6d41\u65b9\u6cd5\u53d6\u51b3\u4e8e\u5e94\u7528\u7a0b\u5e8f\u7684\u9700\u6c42\u548c\u6d41\u91cf\u6a21\u5f0f\u3002<\/li>\n<li>\u4ed4\u7ec6\u8c03\u6574\u9650\u6d41\u53c2\u6570\u4ee5\u907f\u514d\u8bef\u62d2\u548c\u6027\u80fd\u95ee\u9898\u3002<\/li>\n<li>\u76d1\u63a7\u9650\u6d41\u6d3b\u52a8\u4ee5\u786e\u4fdd\u6709\u6548\u6027\u548c\u53ca\u65f6\u8c03\u6574\u3002<\/li>\n<\/ul>\n<p>\u4ee5\u4e0a\u5c31\u662f\u9650\u6d41\u600e\u4e48\u89e3\u51b3\u7684\u8be6\u7ec6\u5185\u5bb9\uff0c\u66f4\u591a\u8bf7\u5173\u6ce8\u7c73\u4e91\u5176\u5b83\u76f8\u5173\u6587\u7ae0\uff01<\/p>\n","protected":false},"excerpt":{"rendered":"<p>nginx \u9650\u6d41\u95ee\u9898\u53ef\u901a\u8fc7\u4ee5\u4e0b\u65b9\u6cd5\u89e3\u51b3\uff1a\u4f7f\u7528 ngx_http_limit_req_module \u9650\u5236\u8bf7\u6c42\u6b21\u6570\uff1b\u4f7f\u7528 ngx_http_limit_conn_module \u9650\u5236\u8fde\u63a5\u6570\uff1b\u4f7f\u7528\u7b2c\u4e09\u65b9\u6a21\u5757\uff08ngx_http_limit_connections_module\u3001ngx_http_limit_rate_module\u3001ngx_http_access_module\uff09\u5b9e\u73b0\u66f4\u591a\u9650\u6d41\u7b56\u7565\uff1b\u4f7f\u7528\u4e91\u670d\u52a1\uff08cloudflare\u3001google cloud rate limiting\u3001aws waf\uff09\u8fdb\u884c dd Nginx \u9650\u6d41\u89e3\u51b3\u65b9\u6848 \u95ee\u9898\uff1a\u5982\u4f55\u89e3\u51b3 Nginx \u9650\u6d41\u95ee\u9898\uff1f \u89e3\u51b3\u65b9\u6848\uff1a 1. \u4f7f\u7528ngx_http_limit_req_module\u6a21\u5757 # \u9650\u5236\u6bcf\u4e2a\u5ba2\u6237\u7aef\u6bcf\u79d2\u7684\u8bf7\u6c42\u6b21\u6570 limit_req_zone $binary_remote_addr zone=one:10m rate=1r\/s; # \u5e94\u7528\u9650\u6d41\u89c4\u5219 server { # &#8230; location \/ { limit_req zone=one; } } \u767b\u5f55\u540e\u590d\u5236 2. \u4f7f\u7528 ngx_http_limit_conn_module\u6a21\u5757 # \u9650\u5236\u6bcf\u4e2a\u5ba2\u6237\u7aef\u7684\u540c\u65f6\u8fde\u63a5\u6570 limit_conn_zone $binary_remote_addr zone=one:10m; # \u5e94\u7528\u9650\u6d41\u89c4\u5219 server { # &#8230; location \/ [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8],"tags":[],"class_list":["post-18019","post","type-post","status-publish","format-standard","hentry","category-os"],"_links":{"self":[{"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/posts\/18019","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/comments?post=18019"}],"version-history":[{"count":0,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/posts\/18019\/revisions"}],"wp:attachment":[{"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/media?parent=18019"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/categories?post=18019"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/tags?post=18019"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}