Hello guys,
I am looking to set up rate limiting using a ModSecurity rule.
Can anyone please help me write such a rule set?
For example, I tried with:
# Rule 1: Initialize website-specific counter
SecAction "phase:1,id:900,pass,initcol:ip=%{REMOTE_ADDR}/%{SERVER_NAME}/count/60"
# Rule 2: Increment website-specific counter and log full variable
SecRule REQUEST_HEADERS:Host "@rx ^([^:]+)" \
"id:901,log,pass,setvar:ip.%{REMOTE_ADDR}/%{SERVER_NAME}/count/60+=1"
# Rule 3: Block if request count exceeds 100 per 60 seconds
SecRule IP:%{REMOTE_ADDR}/%{SERVER_NAME}/count/60 "@gt 1" \
"id:902,phase:1,deny,status:429,\
log,msg:'Client exceeded request limit for %{SERVER_NAME} from IP %{REMOTE_ADDR}, please try again later.'"
but it is not working.
I want to configure it like: per IP, per minute, n requests.
I am using Apache 2.4.52 on Ubuntu 22.04, with ModSecurity version 2.9.5.
Thanks
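
A working form of the per-IP, per-site, per-minute limit asked about above, as an added example that is not part of the original post. It assumes ModSecurity 2.9.x with SecRuleEngine On and a writable SecDataDir; the rule ids (10900-10903), the variable name req_count and the limit of 100 are illustrative choices.

```apache
# Added example, not from the original post. Assumes ModSecurity 2.9.x,
# SecRuleEngine On, and SecDataDir set to a directory the Apache user can
# write to (persistent collections are stored there).
# Rule ids and the variable name req_count are arbitrary choices.

# 1. Open the persistent IP collection. The text after "ip=" is the record
#    key, so client address + vhost gives one record per client per site.
#    The counter itself is a named variable inside that record (step 2).
SecAction "id:10900,phase:1,pass,nolog,\
    initcol:ip=%{REMOTE_ADDR}_%{SERVER_NAME}"

# 2. First request of a window: create the counter and make it expire
#    60 seconds later. Setting expirevar only here keeps the window fixed;
#    setting it on every request would push the expiry forward each time.
SecRule &IP:REQ_COUNT "@eq 0" \
    "id:10901,phase:1,pass,nolog,\
    setvar:ip.req_count=0,\
    expirevar:ip.req_count=60"

# 3. Count this request. The increment form is "=+1".
SecAction "id:10902,phase:1,pass,nolog,setvar:ip.req_count=+1"

# 4. Deny with 429 once the client is over 100 requests in the window.
#    All four rules name phase:1 so they run in file order; a rule with
#    no phase takes it from SecDefaultAction (phase:2 unless changed) and
#    would then run after every phase:1 rule, including this check.
SecRule IP:REQ_COUNT "@gt 100" \
    "id:10903,phase:1,deny,status:429,log,\
    msg:'Rate limit exceeded for %{SERVER_NAME} from %{REMOTE_ADDR}'"
```

This is a fixed window: the counter disappears 60 seconds after the first request that created it, and the next request starts a new count.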