My issue:
I’m trying to rate limit requests to my server that result on 404 errors because I’ve got some malicious crawlers crashing my database trying to find wordpress endpoints, accesible git repositories and some other typical endpoints which do not exist on my site, but require a db check due to the dynamic nature of my app.
How I encountered the problem:
I’ve tried to follow the documentation in order to add rate limiting into 404 pages but I haven’t been able to make it work. For some reason it seems the rate limiter module does not run for errors. As you can see on the playground snippet below, $limit_req_status doesn’t even get populated. I couldn’t find anything on the docs that would explain this.
Solutions I’ve tried:
https://tech-playground.com/snippet/thankful-scorpion-of-success/
Any help will be greatly appreciated because I’ve been trying to do this for a while already.
Ha, interesting! My logic for the return was to get an actual 404 for non-rate-limited requests, but trying your solution (removing the
– j3j5return 404) it seems to work as expected on this proof of concept. I know I did try it on my server (with a slightly more complex setup) and it didn't work for me, so I'm going to try it again because it may be I missed something back when I tried. Thanks so much for your response, I'll try to update the PoC if I find any other issue!You already define returning a 404 for non rate limited requests in L22 :) You can see this in action if you keep
– alessandrolimit_req_statusto429:)Hey @alessandro, what's the best way to post a follow up? shall I create another topic or edit this one? I did found my issue removing the
– j3j5returnstatement on my setup, and I'd like to provide my udpated config to see if I can find some help :) Technically my question here is solved, so my bet would be a new topic, but wanted to double check because I don't want to spam the community.I'd say create a new one :)
– alessandro