Merge branch 'develop'

7fae2f50 · Olivier Benz · 0c772cfc · d9213d81 · 7fae2f50 · 7fae2f50
Commit 7fae2f50 authored 3 years ago by Olivier Benz
--- a/README.md
+++ b/README.md
@@ -14,6 +14,9 @@ providing web services on a **single host**.
 *  Automatic creation/renewal of Let's Encrypt certificates (HTTP challenge).
 *  Provision of the following basic Middlewares:
    *  RedirectScheme: Redirect from HTTP to HTTPS
+    *  RateLimit: Limit to a _fair_ amount of requests
+        *  average: 100 requests per second
+        *  burst: 50 requests (per second)
    *  Headers: HTTP Strict Transport Security with long duration
 *  Provision of three configurations (modern, intermediate [default], old) for
   TLS.  

--- a/config/files/middlewares_basic.toml
+++ b/config/files/middlewares_basic.toml
@@ -2,6 +2,12 @@
  [http.middlewares]
    [http.middlewares.http2https.redirectScheme]
      scheme = "https"
+    [http.middlewares.ratelimit.rateLimit]
+      average = 100
+      burst = 50
+      [http.middlewares.ratelimit.rateLimit.sourceCriterion]
+        [http.middlewares.ratelimit.rateLimit.sourceCriterion.ipStrategy]
+          depth = 1
    [http.middlewares.sts.headers]
      forceSTSHeader = true
      stsSeconds = 31536000

--- a/sample.docker-compose.yml
+++ b/sample.docker-compose.yml
@@ -52,7 +52,7 @@ services:
 #      - traefik.http.routers.whoami-sec.entrypoints=websecure
 #      - traefik.http.routers.whoami-sec.rule=Host(`whoami.mydomain.com`)
 #      - traefik.http.routers.whoami-sec.tls.certresolver=mydomain-com
-#      - traefik.http.routers.whoami-sec.middlewares=sts@file,security@file
+#      - traefik.http.routers.whoami-sec.middlewares=ratelimit@file,sts@file,security@file

 networks:
  webproxy: