NGINX proxy rate limiting not working on NextJS App

Hello, I’ve created the following files in my NextJS project to apply rate limiting to the /resetpassword route. However, upon testing the rate limit is not being applied for POST requests to the route done using server actions. Is there an issue with the configuration in the files and how would you suggest to fix it? Thank you very much.

nginx.conf

   worker_processes 1;

   events {
       worker_connections 1024;
   }

   http {
       include /etc/nginx/mime.types;
       default_type application/octet-stream;

       sendfile on;
       keepalive_timeout 65;

       limit_req_zone $binary_remote_addr zone=one:10m rate=1r/m;

       upstream app {
           server 127.0.0.1:3000; # Localhost since we are running both Next.js and NGINX in the same container
       }

       server {
           listen 80;
           server_name trendmaps-vq89a.fly.dev;

           access_log /var/log/nginx/access.log;
           error_log /var/log/nginx/error.log debug;

           location /resetpassword {
               limit_req zone=one burst=5 nodelay;
               proxy_pass http://app;
               proxy_set_header Host $host;
               proxy_set_header X-Real-IP $remote_addr;
               proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
               proxy_set_header X-Forwarded-Proto $scheme;
           }

           location / {
               proxy_pass http://app;
               proxy_set_header Host $host;
               proxy_set_header X-Real-IP $remote_addr;
               proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
               proxy_set_header X-Forwarded-Proto $scheme;
           }
       }
   }

start.sh

#!/bin/sh

# Start Nginx
nginx &

# Start Next.js
cd /app
npm run start

Dockerfile

# syntax = docker/dockerfile:1

ARG NODE_VERSION=21.0.0 
FROM node:${NODE_VERSION}-slim as base

LABEL fly_launch_runtime="Next.js"

# Next.js app lives here
WORKDIR /app

ENV NODE_ENV="production"

# Install dependencies and build the application in a separate stage
FROM base as build

RUN apt-get update -qq && \
    apt-get install -y build-essential pkg-config python-is-python3

COPY --link package-lock.json package.json ./
RUN npm ci --include=dev

COPY --link . .

RUN npm run build 

RUN npm prune --omit=dev

FROM base

# Install Nginx
RUN apt-get update && apt-get install -y nginx && apt-get clean

COPY --from=build /app /app
COPY nginx.conf /etc/nginx/nginx.conf
COPY start.sh /start.sh
RUN chmod +x /start.sh

EXPOSE 80 3000

CMD ["/start.sh"]

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.