From f195b74410c92a18cc402ca9aeff3ecf8d6f32d5 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Tue, 24 Nov 2020 07:58:02 -0500
Subject: [PATCH] enforce an initial HTTP connection limit per IP

---
 nginx/nginx.conf | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/nginx/nginx.conf b/nginx/nginx.conf
index 4a92e868..a86a3758 100644
--- a/nginx/nginx.conf
+++ b/nginx/nginx.conf
@@ -25,6 +25,9 @@ http {
     client_header_timeout 30s;
     send_timeout 30s;
 
+    limit_conn_zone $binary_remote_addr zone=addr:10m;
+    limit_conn addr 256;
+
     ssl_protocols TLSv1.2 TLSv1.3;
     ssl_prefer_server_ciphers on;