Mon, 2 May 2016
# Protect your site from ddos with free built-in nginx feature ngx_http_limit_req_module
Table of Contents
When you expect (or not) your website to be a target of malicious traffic – make some free efforts to protect from it. Use nginx option to limit connections allowed per IP. This is not the only thing you could do but this is the least thing you should do.
Option `ngx_http_limit_req_module` lets you to set limitations of simultaneous connection per IP.
Also use logging to have a picture of how often this rule is triggered. If your users feel that they see 503 error too often – increase the value and make informative decision about it.
Also make a nice image for the 503 situation. And set nginx to show it so your users will get better UX even when faced with 503 page.
So User will see nice page instead of standard nginx page: