Using limits to prevent abuse
We build and host websites because we want users to visit them. We want our websites to always be available for legitimate access. This means that we may have to take measures to limit access to abusive users. We may define abusive to mean anything from one request per second to a number of connections from the same IP address. Abuse can also take the form of a distributed denial-of-service (DDoS) attack, where bots running on multiple machines around the world all try to access the site as many times as possible at the same time. In this section, we will explore methods to counter each type of abuse to ensure that our websites are available.
First, let's take a look at the different configuration directives that will help us achieve our goal:
|
HTTP limits directives |
Explanation |
|---|---|
|
|
This directive specifies a shared memory zone (configured with |
|
|
