🤩 New Cool Developer Tools for you. Explore →
FREE JavaScript Video Series Start Learning →
FLAT 75% OFF All Interactive courses at flat ₹250 / $3.25 only. HURRRRRY!! Explore now
  Signup/Sign In
Tests
MCQs to test your knowledge.
Forum
Engage with the community.
Compilers
Compilers to execute code in browser.
Index
PUBLISHED ON: MARCH 2, 2023

Limit download speed in Nginx server

The upload and download speeds of data on web server must be regulated per client to make sure that no one client uses all of your application's bandwidth. This makes sure that all users have a positive user experience rather than a small number of people cornering all of your downloads. This is a typical nginx security measure to protect against DoS (Denial of Service) attacks from unscrupulous users looking to take advantage of a site's performance.

In this tutorial we will learn how to set an nginx download speed limit. We will discuss three methods to achieve our desired security and experience on the website, which are IP, Number of connection and the load on server. We've presummated that you've set up nginx on your server already using previous tutorials.

How to edit the Nginx configuration?

The default configuration file for Nginx is /etc/nginx/nginx.conf. You can add domains to this configuration but it will become harder to manage. So, it is recommended to add another configuration file (in /etc/nginx/sites-available directory) and add a new domain to it.

Here, I opened default nginx config file using vi text editor as a privileged user for writing new changes to the file.

$ sudo vi /etc/nginx/nginx.conf

How to set an NGINX Download Speed Limiter

Use the limit rate directive in nginx to restrict bandwidth. This limits the rate at which responses are sent to clients. It provides the rate limit for a certain context in bytes per second by default and is usable in the HTTP, server, location, and if statement inside a location block. In addition, you can write kilobytes as k, megabytes as m or gigabytes as g to make it more readable.

limit_rate 100k;

Limit rate after is another comparable directive that states that the connection shouldn't be rate-limited until a certain amount of data has been sent. The HTTP, server, location, and "if statement within a location block" variables can all be used to set this directive.

limit_rate_after 500k;

How to set an Download bandwidth and Number of connection in Nginx?

The client can open many connections using the parameters mentioned above to boost bandwidth with the help of a download accelerator. As a result, in addition to the methods we have already discussed, you can also limit the number of connections per client using a parameter like an IP address.

You may, for instance, restrict connections to one per IP address.

limit_conn_zone $binary_remote_addr zone=limitconnbyaddr:50m;
limit_conn_status 429;

server {
    listen 8080;

    location  /documents {
         limit_rate 100k;
         limit_rate_after 500k;  
         limit_conn   limitconnbyaddr  1;
}
}

How to dynamically set Bandwidth Limits in NGINX

You can give variables as a parameter value for the limit_rate directive to dynamically restrict bandwidth. In this instance, the map block is being used. By using the first argument, you were able to build a new variable whose value is dependent on one or more of the original variables ($slow and $limit_rate) that were supplied.

map $slow $limit_rate {
    1     50k;
    2     60k;
}

server {
    listen 80;

    location /documents {
         limit_rate $limit_rate;
         limit_rate_after 500k;
}
}

Here is another example configuration to show how nginx dynamically limits bandwidth. With this configuration, nginx is able to set bandwidth restrictions based on the TLS version. The limit rate after headers have been sent is implied by the directive limit_rate_after 512.

map $ssl_protocol $response_rate {
    "TLSv1.1" 20k;
    "TLSv1.2" 100k;
    "TLSv1.3" 200k;
}

server {
    listen 443 ssl;
    ssl_protocols       TLSv1.1 TLSv1.2 TLSv1.3;
    ssl_certificate     /etc/ssl/app.crt;
    ssl_certificate_key   /etc/ssl/app.key;

    location / {
        limit_rate       $response_rate;
        limit_rate_after 512;
        proxy_pass       http://service;
    }
}

Finally, You can save the configuration file.

Verify our configuration, then launch Nginx.

It is a recommended practice to test new configurations before loading them to the production server because a single syntax mistake will prevent the Nginx service from running, which will prevent users from accessing your website. You can use the following command to do so.

$ sudo nginx -t -c /etc/nginx/nginx.conf

Finally, Start/Restart/Reload the server to load the changes:

$ sudo systemctl restart nginx

or

$ sudo service nginx restart
Want to learn coding?
Try our new interactive courses.
View All →
Over 20,000+ students enrolled.
About the author:
sam5epi0l
Pradeep has expertise in Linux, Go, Nginx, Apache, CyberSecurity, AppSec and various other technical areas. He has contributed to numerous publications and websites, providing his readers with insightful and informative content.
Learn to Code
Learn and practice coding side-by-side.
NEW
C language Course
115+ coding exercises
Javascript Course
85+ coding exercises
More →