From 1091b89f33c210a34490ac0a4c3662bab44fd474 Mon Sep 17 00:00:00 2001 From: Mitchell Krog Date: Thu, 2 Mar 2017 12:54:45 +0200 Subject: [PATCH] V2.2017.05 - Major Version Update (Typo Corrections) --- CONFIGURATION.md | 3 +++ README.md | 3 +++ 2 files changed, 6 insertions(+) diff --git a/CONFIGURATION.md b/CONFIGURATION.md index b54365093..616a7d4bd 100644 --- a/CONFIGURATION.md +++ b/CONFIGURATION.md @@ -100,8 +100,11 @@ Use nano, vim or any other text editor to edit (if needed) blacklist-user-agents The important settings file above adds the rate limiting functions and hash_bucket settings for nginx for you. Below is what the file contains, you cn add these manually to your nginx.conf file if you so please but the include file above will do it for you ad nginx loads any .conf file in /etc/conf.d (See STEP 6) > server_names_hash_bucket_size 64; + > server_names_hash_max_size 4096; + > limit_req_zone $binary_remote_addr zone=flood:50m rate=90r/s; + > limit_conn_zone $binary_remote_addr zone=addr:50m; **PLEASE NOTE:** The above rate limiting rules are for the DDOS filter, it may seem like high values to you but for wordpress sites with plugins and lots of images, it's not. This will not limit any real visitor to your Wordpress sites but it will immediately rate limit any aggressive bot. Remember that other bots and user agents are rate limited using a different rate limiting rule at the bottom of the globalblacklist.conf file. diff --git a/README.md b/README.md index c0e160f2d..10f8b5b8e 100644 --- a/README.md +++ b/README.md @@ -208,8 +208,11 @@ Use nano, vim or any other text editor to edit (if needed) blacklist-user-agents The important settings file above adds the rate limiting functions and hash_bucket settings for nginx for you. Below is what the file contains, you cn add these manually to your nginx.conf file if you so please but the include file above will do it for you ad nginx loads any .conf file in /etc/conf.d (See STEP 6) > server_names_hash_bucket_size 64; + > server_names_hash_max_size 4096; + > limit_req_zone $binary_remote_addr zone=flood:50m rate=90r/s; + > limit_conn_zone $binary_remote_addr zone=addr:50m; **PLEASE NOTE:** The above rate limiting rules are for the DDOS filter, it may seem like high values to you but for wordpress sites with plugins and lots of images, it's not. This will not limit any real visitor to your Wordpress sites but it will immediately rate limit any aggressive bot. Remember that other bots and user agents are rate limited using a different rate limiting rule at the bottom of the globalblacklist.conf file.