Implements fastcgi_cache and limit_req #7
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
added 2 commits
May 2, 2017 10:48
Benchmarking shows a significant increase of server response from 100ms to 10ms using FastCGI Cache. FastCGI Cache will make NGINX cache the page as static once generated, so the server will respond amazingly fast. You can enable FastCGI Cache by setting `php_fastcgi_cache_enabled` to `true`. If you want to clear the cache, you need to call from the same machine this corresponding URL : `http://[[php_base_name]].purge.cache.fastcgi.nginx.local/` More information about caching features can be found in `defaults/main.yml`.
A dynamic website without limit_req or something similar, is a website that can be thrown down just by holding F5 button in a web browser, overloading the resources of the server. limit_req permits to set a maximum number of requests per number of seconds per client IP address, amazingly increasing security against denial of services. Once a client reach it's limit, a status code "429 Too Many Requests" is responded (RFC6585#4) Only two parameters over the role are required in order to set up limit_req : ```yaml php_limitreq_enabled: true php_limitreq_per_second: 10 ```
ghost
requested a review
from 
|
@fpeyre Ready to review |
ghost
changed the title
ellmetha
approved these changes
Jul 10, 2019
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Implements NGINX limit_req for security
A dynamic website without limit_req or something similar,
is a website that can be thrown down just by holding F5 button
in a web browser, overloading the resources of the server.
limit_req permits to set a maximum number of requests per number of seconds
per client IP address, amazingly increasing security against denial of services.
Once a client reach it's limit, a status code "429 Too Many Requests" is responded (RFC 6585-4)
Only two parameters over the role are required in order to set up limit_req :
How to test
Note that this behavior is per individual IP address only.
Implementing FastCGI cache to NGINX virtual host
Benchmarking shows a significant increase of server response from 100ms to 10ms using FastCGI Cache.
FastCGI Cache will make NGINX cache the page as static once generated, so the server will respond amazingly fast.
You can enable FastCGI Cache by setting
php_fastcgi_cache_enabledtotrue.If you want to clear the cache, you need to call from the same machine this
corresponding URL :
http://[[php_base_name]].purge.cache.fastcgi.nginx.local/More information about caching features can be found in
defaults/main.yml.How to test