Skip to content
Merged
Show file tree
Hide file tree
Changes from 1 commit
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions changelog.d/3-bug-fixes/rate-limit-adjustments
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Fix a rate-limit exemption whereby authenticated endpoints did not get the unlimited_requests, if set, applied. Also increase default rate limits.
8 changes: 6 additions & 2 deletions charts/nginz/templates/conf/_nginx.conf.tpl
Original file line number Diff line number Diff line change
Expand Up @@ -162,8 +162,6 @@ http {
limit_req_log_level warn;
limit_conn_log_level warn;

# Limit by $zauth_user if present and not part of rate limit exemptions
limit_req zone=reqs_per_user burst=20;
limit_conn conns_per_user 25;

#
Expand Down Expand Up @@ -256,6 +254,12 @@ http {
limit_conn conns_per_addr 20;
{{- end }}
{{- end }}
{{- else }}
{{- if ($location.unlimited_requests_endpoint) }}
# Note that this endpoint has no rate limit per user for autenticated requests
{{- else }}
limit_req zone=reqs_per_user burst=20;
{{- end }}
Comment thread
akshaymankar marked this conversation as resolved.
{{- end }}

{{- if hasKey $location "specific_user_rate_limit" }}
Expand Down
4 changes: 2 additions & 2 deletions charts/nginz/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -55,8 +55,8 @@ nginx_conf:
- /search/common

default_client_max_body_size: "256k"
rate_limit_reqs_per_user: "10r/s"
rate_limit_reqs_per_addr: "5r/m"
rate_limit_reqs_per_user: "30r/s"
rate_limit_reqs_per_addr: "15r/m"

# This value must be a list of strings. Each string is copied verbatim into
# the nginx.conf after the default 'limit_req_zone' directives. This should be
Expand Down