Open UltraBlackLinux opened 7 months ago
same problem, did you find a solution?
@Hor1kon I switched to this: https://github.com/mholt/caddy-ratelimit it's working fine
@Hor1kon This is working for me
handle /login {
rate_limit {remote.host} 10r/m
reverse_proxy my-app:3000 {
header_up X-Real-IP {remote_host}
}
}
I had to add an order block at the top of my Caddy file
{
order rate_limit before basicauth
}
Also, make sure that the network request that you are trying to block actually matches the path that you have in your handle.
@Hor1kon I switched to this: https://github.com/mholt/caddy-ratelimit it's working fine
Yea, I also have switched to it
@Hor1kon This is working for me
handle /login { rate_limit {remote.host} 10r/m reverse_proxy my-app:3000 { header_up X-Real-IP {remote_host} } }
I had to add an order block at the top of my Caddy file
{ order rate_limit before basicauth }
Also, make sure that the network request that you are trying to block actually matches the path that you have in your handle.
Yeah, I think by me it wasn't working because of this first line, because in other rate-limit build this line was initially in the example
Hey there, I'm trying to protect a basicauth prompt against brute-forcing using
rate_limit
, but for some reason it just does not trigger. I cancurl
the path all day long and it will not even once return a429
. Here's my config:any idea why?