Mastering Nginx

(Ron) #1
Chapter 5

[ 97 ]

location / {

# any IP's not from Switzerland or in our list above
# receive the
# default value of "0" and are given the Forbidden HTTP
# code
if ($exclusions = "0" ) {

return 403;

}

# anybody else has made it this far and is allowed access
# to the
# upstream server
proxy_pass http://upstream;

}

}

}

This is just one way of solving the problem of blocking access to a site based on the


client's IP address. Other solutions involve saving the IP address of the client in a
key-value store, updating a counter for each request, and blocking access if there


have been too many requests within a certain time period.


Isolating application components for scalability


Scaling applications can be described by moving in two dimensions, up and out.


Scaling up refers to adding more resources to a machine, growing its pool of available
resources to meet client demand. Scaling out means adding more machines to a pool


of available responders, so that no one machine gets tied up handling the majority


of clients. Whether these machines are virtualized instances running in the cloud or
physical machines sitting in a datacenter, it is often more cost-effective to scale out


rather than up. This is where NGINX fits in handily as a reverse proxy.

Free download pdf