A compromise between DDoS defense and Owncloud's web interface

2014-11-29 10:33:46 +00:00 · 2014-11-29 10:33:46 +00:00 · 6ccf68e0ab
parent 342e13f548
commit 6ccf68e0ab
1 changed files with 2 additions and 1 deletions
--- a/install-freedombone.sh
+++ b/install-freedombone.sh
@ -3018,7 +3018,8 @@ function install_web_server {
  echo '        limit_conn_zone $binary_remote_addr zone=conn_limit_per_ip:10m;' >> /etc/nginx/nginx.conf
  echo '' >> /etc/nginx/nginx.conf
  echo '        # limit the number of requests for a given session' >> /etc/nginx/nginx.conf
-  echo '        limit_req_zone $binary_remote_addr zone=req_limit_per_ip:10m rate=5r/s;' >> /etc/nginx/nginx.conf
+  echo '        # Note that the Owncloud web interface seems to require a rate of around 140r/s' >> /etc/nginx/nginx.conf
+  echo '        limit_req_zone $binary_remote_addr zone=req_limit_per_ip:10m rate=140r/s;' >> /etc/nginx/nginx.conf
  echo '' >> /etc/nginx/nginx.conf
  echo '        # if the request body size is more than the buffer size, then the entire (or partial) request body is written into a temporary file' >> /etc/nginx/nginx.conf
  echo '        client_body_buffer_size  128k;' >> /etc/nginx/nginx.conf