How to limit website visitor bandwidth by country

This technique is great if you have no customers from countryX but are being targeted by a DoS, unwanted crawlers, bots, scrapers and other baddies. Please don’t use this to discriminate against less profitable countries. The web should be open for all. Thanks.

If you’re not already using Nginx, you should get it even if you already have a great web server. Put it in front and get it to act as a reverse proxy.

First grab this perl script which you will use to convert Maxmind’s geo IP database into a format usable by Nginx.

Then download Maxmind’s latest GeoLite country database in CSV format on this page.

Then run:

geo2nginx.pl < maxmind.csv > nginxGeo.txt

Copy nginxGeo.txt into your nginx config directory.

Then add the following text in the ‘http’ section of your nginx.conf file:

geo $country {
default no;
include nginxGeo.txt;
}

Then add the following in the ‘server’ section of your nginx.conf file:

if ($country ~ ^(?:US|CA|ES)$ ){
set $limit_rate 10k;
}
if ($country ~ ^(?:BR|ZA)$ ){
set $limit_rate 20k;
}

This limits anyone from the USA, Canada and Spain to a maximum of 10 kilobits per second of bandwidth. It gives anyone from Brazil and South Africa 20 Kbps of bandwidth. Every other country gets the maximum.

You could use a exclamation character before the tilde (!~) to do the opposite. In other words, if you’re NOT from US, Canada or Spain, you get 10 Kbps, although I strongly advise against this policy.

Remember that $limit_rate only limits per connection, so the amount of bandwidth each visitor has is $limit_rate X number_of_connections. See below to limit connections.

Another interesting variable is limit_rate_after. The documentation on this is very very sparse, but from what I’ve gathered it is time based. So the first 1 minute of a connection will get full bandwidth, and then after that the limiting starts. Great for streaming sites I would think.

There are two other great modules in Nginx but neither of them work inside ‘if’ directives which means you can’t use them to limit by country. They are the Limit Zone module which lets you limit the number of concurrent connections and the Limit Requests module which lets you limit the number of requests over a period of time. The Limit Requests module also has a burst variable which is very useful. Once again the documentation is sparse, but this comment from Igor (Nginx author) sheds some light on how bursting works.

I’ve enabled all three features on our site. Bandwidth limiting by country, limiting concurrent connections and limiting requests over a time period. I serve around 20 to 40 million requests a day on a single nginx box and I haven’t noticed much performance degradation with the new config. It has quadrupled the size of each nginx process though to about 46M per process, but that’s still a lot smaller than most web server processes.

8 thoughts on “How to limit website visitor bandwidth by country

  1. This website can be a stroll-by way of for the entire data you wished about this and didn�t know who to ask. Glimpse right here, and also you�ll positively uncover it.

  2. There are certainly a number of details like that to take into consideration. That is a great point to deliver up. I offer the thoughts above as basic inspiration but clearly there are questions like the one you deliver up where crucial thing will be working in honest good faith. I don?t know if best practices have emerged around things like that, but I am sure that your job is clearly identified as a fair game. Both boys and girls feel the impression of just a moment�s pleasure, for the rest of their lives.

  3. These types of drugs come in are supplements or even extended-release supplements (capsules which release medicine over a long time). Diet pills can be had by a dermatologist’s prescribed as well as ordered otc. 1 frequent doctor prescribed appetite suppressant will be apettite supressant. The Food has additionally approved your appetite depressent Belviq regarding long-term use in dealing with weight problems. Unwanted side effects include dizziness, frustration and also tiredness.

  4. Hi,
    I am receiving huge amount of traffic (from few IP addresses, and I assume they are hacker) to my website, which might cause my website to shut down.
    1- Do you have any advise on this?
    2- Is it possible to limit the Bandwidth for every visitor IP, so no IP can consume a lot bandwidth?

    Thanks.

  5. Hello,

    limit_rate_after is not working over time but over amount of data. So, 1m means 1MB, you can use also ex. 100k or similar value. If for example 1m is set then you will have full speed until 1MB of file is sent. After that download will be throttled to limit_rate value.

    Regards,
    Ivan

  6. Hi Mark,

    The docs on limiting with NginX seem a little thin so it’s great to see an explanation in plain english.

    I am using Nginx with cloud hosting, the problem being that if a given server gets a traffic spike I get a huge bill. Do you know of an easy way to simply put a cap on bandwidth usage for each virtual domain so that it shows an error page for example when the limit is hit? I suppose with too much traffic even the error page could increase the costs :/ what is the best way around this?

    Many thanks,

    Jamie

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Notify me of followup comments via e-mail. You can also subscribe without commenting.