You can also use ulimit but simple iptable/ipfw/pf will do the job
On Tue, Apr 4, 2017 at 3:13 PM <[email protected]> wrote: > You would probably want to also limit the number of connections per IP > address, else one IP could lock up the entire site. > > > Original Message > From: Valentin V. Bartenev > Sent: Tuesday, April 4, 2017 1:58 PM > To: [email protected] > Reply To: [email protected] > Subject: Re: Limit number of connections to server > > On Tuesday 04 April 2017 17:22:58 Kamil Gorlo wrote: > > Hi, > > > > is there a way to limit total number of open connections per listening > port > > in Nginx? I know that there is limit_conn module but as far as I > understand > > it only works on "request" layer, which means connections are counted > only > > when request headers have been already read. > > > > I have problem when number of SSL connections to my server is very high > > (CPU is 100% and server becomes unresponsive), and I would like to "cut" > > new connections after some defined threshold is exceeded. It would > possibly > > save some CPU cycles needed to handle SSL handshake, etc. > > > > Is it possible? > > > > You should use system firewall. Most of *nix systems have one out of the > box. > > wbr, Valentin V. Bartenev > > _______________________________________________ > nginx mailing list > [email protected] > http://mailman.nginx.org/mailman/listinfo/nginx > _______________________________________________ > nginx mailing list > [email protected] > http://mailman.nginx.org/mailman/listinfo/nginx > -- Payam Tarverdyan Chychi Network Security Specialist / Network Engineer
_______________________________________________ nginx mailing list [email protected] http://mailman.nginx.org/mailman/listinfo/nginx
