All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
So what am I not understanding about nginx rate limiting? (HTTP 429)
I have server #1 which analyzes a bunch of things in a database and then does a few hundred POST requests to server #2, which accepts them via nginx.
When server #1 does its thing, it might fire off maybe 5-10 POSTs per second. Server #2 is an E31240 dedicated server with 32GB of RAM and is mostly idle other than handling this traffic.
I'm getting a bunch of 429s from nginx (rate limit exceeded). So I researched and put this in the nginx config for the site on server #2:
limit_req_zone $binary_remote_addr zone=zone1:10m rate=100r/s;
location / { limit_req zone=zone1; ...
Also put that limit_req_zone in this block, which enables fpm:
location ~ \.php$ { limit_req zone=zone1; ...
Yet the 429s persist. As. I understand how this works, nginx will create a 10MB bucket and fill it with IP addresses to track requests. They'll be limited to 100 requests a second, which I'm nowhere near.
Comments
Turns out it was Laravel, not nginx.
in app/Providers/RouteServiceProvider.php
There is this code:
Changing that value fixed the problem
Any reason why you are using bloated laravel instead more api focused and lightweight alternatives? Phalcon maybe.
The rest of the app is Laravel. And I know Laravel. Sort of.
Laravel may have a lot of knobs and dials but so far it's been performant enough for me, even though I'm sure I'm only using a fraction of its features.
Just to clarify, nginx has no imposed rate limits by default (unless you add them via the mentioned limit_req_zone)
I hadn't even scrolled down and seen your comment regarding Laravel before I was going to type "it's your origin/backend/downstream, not nginx". nginx was simply forwarding the response to you, from the origin/backend/downstream.
Glad you figured it out.
FWIW the nginx premium queue feature is possible for free by using the burst and delay parameters in limit_req_zone. implementing this on a global scope instead of per IP can be effective
This is the way
I see so many devs spending unnecessary time learning new frameworks (sometimes even new LANGUAGES) simply for the small performance benefit
While at the same time not even being CLOSE to maxing out what their current language & framework combination is capable of
Someone really MASTERING a "slow" language or framework will likely build a faster and generally more stable app compared to someone who's chasing the speed and therefore always being a noob at whatever language they're currently coding in
As said, I've seen this WAY too much