[GH-ISSUE #116] [Feature Request] Support for rate limiting #103

New issue

Open

opened 2026-02-26 05:34:35 +03:00 by kerem · 18 comments

kerem commented 2026-02-26 05:34:35 +03:00

Owner

Copy link

Originally created by @nfacha on GitHub (Apr 6, 2019).
Original GitHub issue: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/116

Allow to configure NGINX rate limits from the UI

Originally created by @nfacha on GitHub (Apr 6, 2019). Original GitHub issue: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/116 Allow to configure NGINX rate limits from the UI

kerem added the

enhancement

label 2026-02-26 05:34:35 +03:00

kerem commented 2026-02-26 05:34:36 +03:00

Author

Owner

Copy link

@thefirst100yearsaredifficult commented on GitHub (Oct 31, 2020):

Any updates on this? @jc21

<!-- gh-comment-id:719925883 --> @thefirst100yearsaredifficult commented on GitHub (Oct 31, 2020): Any updates on this? @jc21

kerem commented 2026-02-26 05:34:36 +03:00

Author

Owner

Copy link

@dedarh commented on GitHub (Mar 1, 2021):

Any updates on this? @jc21

<!-- gh-comment-id:788230057 --> @dedarh commented on GitHub (Mar 1, 2021): Any updates on this? @jc21

kerem commented 2026-02-26 05:34:36 +03:00

Author

Owner

Copy link

@JackBailey commented on GitHub (Jan 26, 2022):

Any updates on this? @jc21

<!-- gh-comment-id:1022141963 --> @JackBailey commented on GitHub (Jan 26, 2022): Any updates on this? @jc21

kerem commented 2026-02-26 05:34:36 +03:00

Author

Owner

Copy link

@ArmJo commented on GitHub (Feb 24, 2022):

For everyone who wants to implement it partially without UI: you can use the option for advanced configuration.

1. Create the file /data/nginx/custom/http_top.conf (maybe mounted elsewhere so check your docker volumes)
2. Edit the file and insert the line limit_req_zone $binary_remote_addr zone=mylimit:10m rate=3r/s; (can be changed to your needs and multiple zones are possible). Save and close the file
3. Restart NPM and open the Web UI
4. Edit the Proxy Host and under advanced you can add this code (example for Jellyfin):

location /Users/authenticatebyname {
   limit_req zone=mylimit burst=8 delay=6;
   proxy_pass http://$server:$port;
}

5. Edit the location, burst and delay (maybe change the scheme to https if needed)
6. Save the changes, it should still show "online"

More information about the configuration on the offical nginx page

I use this setup for Jellyfin and filebrowser and it works fine for me.

<!-- gh-comment-id:1049646024 --> @ArmJo commented on GitHub (Feb 24, 2022): For everyone who wants to implement it partially without UI: you can use the option for [advanced configuration](https://nginxproxymanager.com/advanced-config/#custom-nginx-configurations). 1. Create the file `/data/nginx/custom/http_top.conf` (maybe mounted elsewhere so check your docker volumes) 2. Edit the file and insert the line `limit_req_zone $binary_remote_addr zone=mylimit:10m rate=3r/s;` (can be changed to your needs and multiple zones are possible). Save and close the file 3. Restart NPM and open the Web UI 4. Edit the Proxy Host and under `advanced` you can add this code (example for Jellyfin): ``` location /Users/authenticatebyname { limit_req zone=mylimit burst=8 delay=6; proxy_pass http://$server:$port; } ``` 5. Edit the location, burst and delay (maybe change the scheme to https if needed) 6. Save the changes, it should still show "online" More information about the configuration on the [offical nginx page](https://www.nginx.com/blog/rate-limiting-nginx/) I use this setup for Jellyfin and filebrowser and it works fine for me.

kerem commented 2026-02-26 05:34:36 +03:00

Author

Owner

Copy link

@cardtap commented on GitHub (Oct 20, 2022):

Just wanted to add that this feature would be very helpful for me as well. The custom http_top config works wonders but having the custom location in the advanced section isn't the cleanest approach. Even if there was a one line field that would allow you to insert the limit_req parameters in the existing location directive, that would be sweet.

<!-- gh-comment-id:1285764067 --> @cardtap commented on GitHub (Oct 20, 2022): Just wanted to add that this feature would be very helpful for me as well. The custom http_top config works wonders but having the custom location in the advanced section isn't the cleanest approach. Even if there was a one line field that would allow you to insert the limit_req parameters in the existing location directive, that would be sweet.

kerem commented 2026-02-26 05:34:36 +03:00

Author

Owner

Copy link

@geez0r commented on GitHub (Jan 5, 2023):

hello,
another "yes please me too" comment...

After having a look at the network traffic and being horrified I would also suggest having this as a priority. The whole point of NPM is to take away the pain of manually messing with nginx config and a built in rate limit / fail2ban functionality would be very welcome.

Cheers

<!-- gh-comment-id:1372172579 --> @geez0r commented on GitHub (Jan 5, 2023): hello, another "yes please me too" comment... After having a look at the network traffic and being horrified I would also suggest having this as a priority. The whole point of NPM is to take away the pain of manually messing with nginx config and a built in rate limit / fail2ban functionality would be very welcome. Cheers

kerem commented 2026-02-26 05:34:36 +03:00

Author

Owner

Copy link

@Robin-Sch commented on GitHub (Jun 16, 2023):

location /Users/authenticatebyname {
   limit_req zone=mylimit burst=8 delay=6;
   proxy_pass http://$server:$port;
}

This is not working for my nextcloud instance (it gave the untrusted domain error), however, this does work:

location /Users/authenticatebyname {
    limit_req zone=mylimit burst=8 delay=6;
    include conf.d/include/proxy.conf;
}

<!-- gh-comment-id:1594680505 --> @Robin-Sch commented on GitHub (Jun 16, 2023): > ``` > location /Users/authenticatebyname { > limit_req zone=mylimit burst=8 delay=6; > proxy_pass http://$server:$port; > } > ``` This is not working for my nextcloud instance (it gave the untrusted domain error), however, this does work: ``` location /Users/authenticatebyname { limit_req zone=mylimit burst=8 delay=6; include conf.d/include/proxy.conf; } ```

kerem commented 2026-02-26 05:34:36 +03:00

Author

Owner

Copy link

@TornadoRadon commented on GitHub (Nov 14, 2023):

I wonder why this issue still open

<!-- gh-comment-id:1809848350 --> @TornadoRadon commented on GitHub (Nov 14, 2023): I wonder why this issue still open

kerem commented 2026-02-26 05:34:36 +03:00

Author

Owner

Copy link

@unitea1992 commented on GitHub (Jan 28, 2024):

Do you have any plans to address this issue?
I am strongly requesting this feature.

<!-- gh-comment-id:1913638491 --> @unitea1992 commented on GitHub (Jan 28, 2024): Do you have any plans to address this issue? I am strongly requesting this feature.

kerem commented 2026-02-26 05:34:36 +03:00

Author

Owner

Copy link

@AlexPewMaster commented on GitHub (Apr 9, 2024):

Hi, I personally use Nginx Proxy Manager to publicly host services. I would really appreciate it if this could get implemented to prevent DDoS attacks and possibly filling up all of the available traffic.

<!-- gh-comment-id:2045037212 --> @AlexPewMaster commented on GitHub (Apr 9, 2024): Hi, I personally use Nginx Proxy Manager to publicly host services. I would really appreciate it if this could get implemented to prevent DDoS attacks and possibly filling up all of the available traffic.

kerem commented 2026-02-26 05:34:36 +03:00

Author

Owner

Copy link

@aminnairi commented on GitHub (Jul 11, 2024):

Any plans on supporting this in a near future? 👀

<!-- gh-comment-id:2222426977 --> @aminnairi commented on GitHub (Jul 11, 2024): Any plans on supporting this in a near future? :eyes:

kerem commented 2026-02-26 05:34:36 +03:00

Author

Owner

Copy link

@NazgulCoder commented on GitHub (Aug 22, 2024):

location /Users/authenticatebyname {
   limit_req zone=mylimit burst=8 delay=6;
   proxy_pass http://$server:$port;
}

This is not working for my nextcloud instance (it gave the untrusted domain error), however, this does work:

location /Users/authenticatebyname {
    limit_req zone=mylimit burst=8 delay=6;
    include conf.d/include/proxy.conf;
}

I did it like this and it works

location /Users/authenticatebyname {
   limit_req zone=mylimit burst=8 delay=6;
   proxy_pass http://$server:$port;
}

but how can I do it for the entire website?

using

location / {

will not work. When i try to open any /subpage it will try to pass the connection to the private IP of the docker container

Also, do you know how to implement it correctly with Cloudflare so that it does not rate limit the Cloudflare IPs, but instead it checks the REAL IPs?

<!-- gh-comment-id:2305004688 --> @NazgulCoder commented on GitHub (Aug 22, 2024): > > ``` > > location /Users/authenticatebyname { > > limit_req zone=mylimit burst=8 delay=6; > > proxy_pass http://$server:$port; > > } > > ``` > > This is not working for my nextcloud instance (it gave the untrusted domain error), however, this does work: > > ``` > location /Users/authenticatebyname { > limit_req zone=mylimit burst=8 delay=6; > include conf.d/include/proxy.conf; > } > ``` I did it like this and it works ``` location /Users/authenticatebyname { limit_req zone=mylimit burst=8 delay=6; proxy_pass http://$server:$port; } ``` but how can I do it for the entire website? using `location / {` will not work. When i try to open any /subpage it will try to pass the connection to the private IP of the docker container Also, do you know how to implement it correctly with Cloudflare so that it does not rate limit the Cloudflare IPs, but instead it checks the REAL IPs?

kerem commented 2026-02-26 05:34:36 +03:00

Author

Owner

Copy link

@presotto-m commented on GitHub (Feb 7, 2025):

Any updates on this? I'm in need of a rate limit setting.

<!-- gh-comment-id:2644049442 --> @presotto-m commented on GitHub (Feb 7, 2025): Any updates on this? I'm in need of a rate limit setting.

kerem commented 2026-02-26 05:34:36 +03:00

Author

Owner

Copy link

@mourraille commented on GitHub (Apr 7, 2025):

Any plans to add rate limit support ?

<!-- gh-comment-id:2783547045 --> @mourraille commented on GitHub (Apr 7, 2025): Any plans to add rate limit support ?

kerem commented 2026-02-26 05:34:36 +03:00

Author

Owner

Copy link

@0xc0000f commented on GitHub (May 15, 2025):

any updates ?

<!-- gh-comment-id:2883876212 --> @0xc0000f commented on GitHub (May 15, 2025): any updates ?

kerem commented 2026-02-26 05:34:36 +03:00

Author

Owner

Copy link

@github-actions[bot] commented on GitHub (Dec 9, 2025):

Issue is now considered stale. If you want to keep it open, please comment 👍

<!-- gh-comment-id:3629899338 --> @github-actions[bot] commented on GitHub (Dec 9, 2025): Issue is now considered stale. If you want to keep it open, please comment :+1:

kerem commented 2026-02-26 05:34:36 +03:00

Author

Owner

Copy link

@amarotica commented on GitHub (Dec 9, 2025):

Just bumping this - rate limiting is not stale. Any ideas on how to implement? Thanks

<!-- gh-comment-id:3630000749 --> @amarotica commented on GitHub (Dec 9, 2025): Just bumping this - rate limiting is not stale. Any ideas on how to implement? Thanks

kerem commented 2026-02-26 05:34:36 +03:00

Author

Owner

Copy link

@enriluis commented on GitHub (Feb 11, 2026):

still open?

<!-- gh-comment-id:3887752600 --> @enriluis commented on GitHub (Feb 11, 2026): still open?

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

develop

dependabot/npm_and_yarn/backend/liquidjs-10.25.7

dependabot/npm_and_yarn/frontend/prod-minor-updates-2a16bf3987

dependabot/npm_and_yarn/frontend/dev-patch-updates-754666cf41

dependabot/npm_and_yarn/backend/basic-ftp-5.3.0

dependabot/npm_and_yarn/test/follow-redirects-1.16.0

dependabot/npm_and_yarn/test/axios-1.15.0

dependabot/npm_and_yarn/frontend/lodash-4.18.1

dependabot/npm_and_yarn/backend/lodash-4.18.1

dependabot/npm_and_yarn/test/lodash-4.18.1

dependabot/npm_and_yarn/frontend/vite-7.3.2

dependabot/npm_and_yarn/backend/prod-minor-updates-5ec19a7f21

dependabot/npm_and_yarn/frontend/lodash-es-4.18.1

dependabot/npm_and_yarn/frontend/happy-dom-20.8.9

dependabot/npm_and_yarn/backend/path-to-regexp-8.4.0

dependabot/npm_and_yarn/frontend/picomatch-4.0.4

dependabot/npm_and_yarn/backend/picomatch-2.3.2

dependabot/npm_and_yarn/frontend/yaml-1.10.3

dependabot/npm_and_yarn/test/flatted-3.4.2

dependabot/npm_and_yarn/test/tar-7.5.11

dependabot/npm_and_yarn/frontend/immutable-5.1.5

master

dependabot/npm_and_yarn/test/glob-10.5.0

dependabot/npm_and_yarn/frontend/mdast-util-to-hast-13.2.1

dependabot/npm_and_yarn/test/form-data-4.0.4

v3-abandoned

bump-freedns

openidc

ssl-passthrough-hosts

static-content

v2.14.0

v2.13.7

v2.13.6

v2.13.5

v2.13.4

v2.13.3

v2.13.2

v2.13.1

v2.13.0

v2.12.6

v2.12.5

v2.12.4

v2.12.3

v2.12.2

v2.12.1

v2.12.0

v2.11.3

v2.11.2

v2.11.1

v2.11.0

v2.10.4

v2.10.3

v2.10.2

v2.10.1

v2.10.0

v2.9.22

v2.9.21

v2.9.20

v2.9.19

v2.9.18

v2.9.17

v2.9.16

v2.9.15

v2.9.14

v2.9.13

v2.9.12

v2.9.11

v2.9.10

v2.9.9

v2.9.8

v2.9.7

v2.9.6

v2.9.5

v2.9.4

v2.9.3

v2.9.2

v2.9.1

v2.9.0

v2.8.1

v2.8.0

v2.7.3

v2.7.2

v2.7.1

v2.7.0

v2.6.2

v2.6.1

v2.6.0

v2.5.0

v2.4.0

v2.3.1

v2.3.0

v2.2.4

v2.2.3

v2.2.2

v2.2.1

v2.2.0

v2.1.2

v2.1.1

v2.1.0

2.0.14

2.0.13

2.0.12

2.0.11

2.0.10

2.0.9

2.0.8

2.0.7

2.0.6

2.0.5

2.0.4

2.0.3

2.0.2

2.0.0

v2.0.0

1.1.2

1.1.1

1.0.1

Labels

Clear labels   

awaiting feedback

  

bug

  

cannot reproduce

  

dns provider request

  

duplicate

  

enhancement

  

enhancement

  

enhancement

  

good first issue

  

help wanted

  

invalid

  

need more info

  

no certbot plugin available

  

product-support

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

stale

  

troll

  

upstream issue

  

v2

  

v2

  

v2

  

v3

  

wontfix

No labels

awaiting feedback

bug

cannot reproduce

dns provider request

duplicate

enhancement

enhancement

enhancement

good first issue

help wanted

invalid

need more info

no certbot plugin available

product-support

pull-request

question

stale

troll

upstream issue

v2

v2

v2

v3

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/nginx-proxy-manager-NginxProxyManager#103

No description provided.