429
nginx
runtime_error
ai_generated
partial
limiting requests, reject: 429 Too Many Requests
ID: nginx/limit-req-rejected-request
85%Fix Rate
88%Confidence
1Evidence
2023-06-15First Seen
Version Compatibility
| Version | Status | Introduced | Deprecated | Notes |
|---|---|---|---|---|
| nginx 1.24.0 | active | — | — | — |
| nginx 1.22.1 | active | — | — | — |
| nginx 1.20.2 | active | — | — | — |
Root Cause
The client has exceeded the rate limit defined by the limit_req_zone and limit_req directives, resulting in a 429 status code.
generic中文
客户端超过了 limit_req_zone 和 limit_req 指令定义的速率限制,导致返回 429 状态码。
Official Documentation
https://nginx.org/en/docs/http/ngx_http_limit_req_module.htmlWorkarounds
-
90% success Increase the rate limit in the http block: 'limit_req_zone $binary_remote_addr zone=mylimit:10m rate=10r/s;' and adjust the location block: 'limit_req zone=mylimit burst=20 nodelay;' to allow bursts.
Increase the rate limit in the http block: 'limit_req_zone $binary_remote_addr zone=mylimit:10m rate=10r/s;' and adjust the location block: 'limit_req zone=mylimit burst=20 nodelay;' to allow bursts.
-
85% success Use a larger burst size to absorb temporary spikes: 'limit_req zone=mylimit burst=50 nodelay;' and ensure the zone size is sufficient (e.g., 10m for 160k IPs).
Use a larger burst size to absorb temporary spikes: 'limit_req zone=mylimit burst=50 nodelay;' and ensure the zone size is sufficient (e.g., 10m for 160k IPs).
-
80% success Implement client-side retry with exponential backoff to avoid hitting the limit, e.g., in JavaScript with a max retries of 3 and delay doubling.
Implement client-side retry with exponential backoff to avoid hitting the limit, e.g., in JavaScript with a max retries of 3 and delay doubling.
中文步骤
Increase the rate limit in the http block: 'limit_req_zone $binary_remote_addr zone=mylimit:10m rate=10r/s;' and adjust the location block: 'limit_req zone=mylimit burst=20 nodelay;' to allow bursts.
Use a larger burst size to absorb temporary spikes: 'limit_req zone=mylimit burst=50 nodelay;' and ensure the zone size is sufficient (e.g., 10m for 160k IPs).
Implement client-side retry with exponential backoff to avoid hitting the limit, e.g., in JavaScript with a max retries of 3 and delay doubling.
Dead Ends
Common approaches that don't work:
-
90% fail
worker_connections controls concurrent connections, not request frequency.
-
85% fail
Rate limiting occurs at the request level, not the body reading phase.
-
10% fail
This removes protection against abuse or DDoS.