Any updates on this? @jc21

Any updates on this? @jc21

For everyone who wants to implement it partially without UI: you can use the option for advanced configuration.

1. Create the file /data/nginx/custom/http_top.conf (maybe mounted elsewhere so check your docker volumes)
2. Edit the file and insert the line limit_req_zone $binary_remote_addr zone=mylimit:10m rate=3r/s; (can be changed to your needs and multiple zones are possible). Save and close the file
3. Restart NPM and open the Web UI
4. Edit the Proxy Host and under advanced you can add this code (example for Jellyfin):

location /Users/authenticatebyname {
   limit_req zone=mylimit burst=8 delay=6;
   proxy_pass http://$server:$port;
}

5. Edit the location, burst and delay (maybe change the scheme to https if needed)
6. Save the changes, it should still show "online"

More information about the configuration on the offical nginx page

I use this setup for Jellyfin and filebrowser and it works fine for me.

Just wanted to add that this feature would be very helpful for me as well. The custom http_top config works wonders but having the custom location in the advanced section isn't the cleanest approach. Even if there was a one line field that would allow you to insert the limit_req parameters in the existing location directive, that would be sweet.

hello,
another "yes please me too" comment...

After having a look at the network traffic and being horrified I would also suggest having this as a priority. The whole point of NPM is to take away the pain of manually messing with nginx config and a built in rate limit / fail2ban functionality would be very welcome.

Cheers

location /Users/authenticatebyname {
   limit_req zone=mylimit burst=8 delay=6;
   proxy_pass http://$server:$port;
}

This is not working for my nextcloud instance (it gave the untrusted domain error), however, this does work:

location /Users/authenticatebyname {
    limit_req zone=mylimit burst=8 delay=6;
    include conf.d/include/proxy.conf;
}

I wonder why this issue still open

Do you have any plans to address this issue?
I am strongly requesting this feature.

Hi, I personally use Nginx Proxy Manager to publicly host services. I would really appreciate it if this could get implemented to prevent DDoS attacks and possibly filling up all of the available traffic.

Any plans on supporting this in a near future? 👀

location /Users/authenticatebyname {
   limit_req zone=mylimit burst=8 delay=6;
   proxy_pass http://$server:$port;
}

This is not working for my nextcloud instance (it gave the untrusted domain error), however, this does work:

location /Users/authenticatebyname {
    limit_req zone=mylimit burst=8 delay=6;
    include conf.d/include/proxy.conf;
}

I did it like this and it works

location /Users/authenticatebyname {
   limit_req zone=mylimit burst=8 delay=6;
   proxy_pass http://$server:$port;
}

but how can I do it for the entire website?

using

location / {

will not work. When i try to open any /subpage it will try to pass the connection to the private IP of the docker container

Also, do you know how to implement it correctly with Cloudflare so that it does not rate limit the Cloudflare IPs, but instead it checks the REAL IPs?

Any updates on this? I'm in need of a rate limit setting.

Any plans to add rate limit support ?

any updates ?