|
From: Patrick R. <P.R...@ma...> - 2022-03-11 04:00:04
|
Hi all, I’m wanting to introduce IP based rate limiting protection to our Apache config, and am basing my config off this Gist: https://gist.github.com/josnidhin/91d1ea9cd71fde386c27a9228476834e I’m wanting to understand the line: SecRule IP:ACCESS_COUNT "@gt {{ burst_rate_limit }}" "phase:2,pause:300,deny,status:503,setenv:RATELIMITED,skip:1,nolog,id:102" In particular what are the units associated with burst_rate_limit ? What does it mean if you set this variable to a value like 100 ? (Does this correspond to a rate of 100 per minute ? If not, what does it correspond to ?) Thanks, Patrick |
