This build of Caddy includes the
caddy-ratelimit plugin, which adds
the rate_limit HTTP handler directive. It is used to bound the request rate to
expensive endpoints — for example, protecting a backend from a crawl that would
otherwise be served one expensive request at a time.
Create a Caddyfile as follows. A constant key makes the zone a single global
bucket, so the limit bounds the total request rate to the matched path
regardless of how many client addresses are involved:
your.fqdn.com {
route {
rate_limit {
zone expensive {
match {
path /expensive/*
}
key static
events 10
window 1s
}
}
reverse_proxy www:8080
}
}
And a Docker compose file such as
version: "3.7"
services:
caddy:
image: ocurrent/caddy-ratelimit:live
ports:
- "80:80"
- "443:443"
volumes:
- /etc/caddy:/etc/caddy:ro
- caddy_data:/data
- caddy_config:/config
volumes:
caddy_data:
caddy_config: