根据业务方的需求,针对/user/login/api.php路径下,userid=(1234567890|1234567891|1234567892)的接口做IP请求限制。
##黑名单
geo $remote_addr $deny_remote_addr {
172.25.8.0/16 1;
10.250.11.92 1;
default 0;
}
map $deny_remote_addr$request_uri $userid {
~*^1/user/login/api.php?.*/buserid=(1234567890|1234567891|1234567892)/b.* "X";
default "";
}
limit_req_zone $userid zone=userid_limit_zone:10m rate=100r/m;
server {
listen 80;
server_name limit.example.com;
index index.html index.htm index.php;
root /data/web/api/;
location ~ /user/login/
{
limit_req zone=gameid_limit_zone burst=30 nodelay;
if ($gameid = "X") {
access_log /data/logs/$host.limit.log access;
}
}
access_log /data/logs/$host.log access;
}
原创文章,作者:ItWorker,如若转载,请注明出处:https://blog.ytso.com/279591.html