Hello!
On Sun, Apr 04, 2021 at 10:13:46PM +0200, Christian Staudte wrote:
> regarding rate limiting in IPv6 configurations I see the following
> problem: As normally a subnet between a /56 and a /64 is assigned to a
> client by an ISP, and both $binary_remote_addr and $remote_addr always
> contai
I dont think limit_req works on CIDR rather individual IPs. At least per the
description of the module for limiting requests, it works on a single IP level
not on a CIDR range level and I don't immediately see a way to make that happen
- whether IPv4 or IPv6.Sent from my T-Mobile 4G LTE Device
Hello,
regarding rate limiting in IPv6 configurations I see the following
problem: As normally a subnet between a /56 and a /64 is assigned to a
client by an ISP, and both $binary_remote_addr and $remote_addr always
contain the whole IPv6 address, a single client can always spoof the
rate limiter
