From 9dd688711049233c9cb39c6abb0c996bebe8ba18 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Mon, 19 Apr 2021 14:50:27 -0400
Subject: [PATCH] rate limit sample submission

---
 nginx/nginx.conf | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/nginx/nginx.conf b/nginx/nginx.conf
index 87f40d70..4c94cae3 100644
--- a/nginx/nginx.conf
+++ b/nginx/nginx.conf
@@ -40,6 +40,7 @@ http {
     http2_max_concurrent_streams 32;
     limit_conn_zone $binary_remote_addr zone=addr:10m;
     limit_conn addr 256;
+    limit_req_zone $binary_remote_addr zone=sample:10m rate=6r/m;
 
     ssl_protocols TLSv1.2 TLSv1.3;
     ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256;
@@ -172,6 +173,7 @@ http {
             limit_except POST {
                 deny all;
             }
+            limit_req zone=sample burst=10 nodelay;
         }
 
         location = /challenge {