Cloudflare: Nginx Rate Limit Calculation — DevOps Interview Q&A (2026)

All Questions Essential 0/100

25. Nginx Rate Limit Calculation

Beginner Mode

Start your terminal to use beginner mode.

Scenario

Your Nginx web server has recently experienced performance issues caused by excessive traffic from a few aggressive clients. You've decided to enable rate limiting based on the recent traffic pattern. To determine the proper limit, you first need to analyze request frequency.

Task

Find the top 3 client IPs by number of requests from /var/log/nginx/access.log, calculate the rate limit using the formula (sum of top 3 IP request counts / 3) * 0.8, write this value into /etc/nginx/nginx.conf as limit_req_zone $binary_remote_addr zone=app_limit:10m rate=<rate_limit>r/s;, and verify the configuration with nginx -t.

Example

# Before (no rate limiting configured)

Access log contains thousands of requests from various IPs
No rate limit configured in nginx.conf
Need to analyze traffic and set appropriate limit

# After (rate limit calculated and configured)

Top 3 IPs analyzed: 4523, 3891, 3456 requests
Rate limit calculated: 7896 r/s
Configuration updated and validated successfully
nginx -t: syntax ok, test successful

Step 1: Extract IP addresses from the access log and count requests per IP, then save the top 3 IPs to a temporary file

awk '{print $1}' /var/log/nginx/access.log | sort | uniq -c | sort -rn | head -n 3 > /tmp/top_ips.txt
cat /tmp/top_ips.txt

This command does several things:

awk '{print $1}' extracts the first field (IP addresses) from each log line
sort arranges the IP addresses so identical ones are grouped together
uniq -c counts how many times each unique IP appears
sort -rn sorts by count in reverse order (highest first)
head -n 3 takes only the top 3 results
> /tmp/top_ips.txt saves the output to a file

Step 2: Extract just the count numbers from the top 3 IPs

awk '{print $1}' /tmp/top_ips.txt > /tmp/counts.txt
cat /tmp/counts.txt

Step 3: Calculate the total sum of these counts

SUM=$(awk '{sum+=$1} END {print sum}' /tmp/counts.txt)
echo $SUM

Step 4: Calculate the rate limit (80% of the average requests per IP)

RATE_LIMIT=$(echo "$SUM / 3 * 0.8 / 1" | bc)
echo $RATE_LIMIT

Step 5: Create the rate limiting configuration file using a text editor

nano /etc/nginx/nginx.conf

Add the following content (replace 306 with your calculated value from Step 4):

events {}

http {
    # Define the rate limit zone in the http block
    limit_req_zone $binary_remote_addr zone=api_limit:10m rate=306r/m;

    server {
        location /api/ {
            limit_req zone=api_limit burst=5;
        }
    }
}

Save and exit (Ctrl+O, Enter, Ctrl+X in nano).

Step 6: Verify the configuration

nginx -t
cat /etc/nginx/nginx.conf

Terminal requires a larger screen

Open this page on a desktop or tablet (≥ 768px) to launch the terminal and practice hands-on.

Linux Terminal Environment

Write and execute your solution in the terminal below.

Essential

Linux 0/29

AWS 0/10

Kubernetes 0/15

CI/CD 0/5

Networking 0/9

Question	Difficulty	Company	Access
Create AWS IAM Admin User with Group and Policy	Easy	Accenture	Free
Create IAM Role for EC2 with Full IAM Access	Easy	Coinbase	Free
Create a Hello World Lambda Function	Easy	Adobe	Free
Launch an EC2 Web Server Instance	Easy	EPAM	Free
Design Egress Only VPC with NAT	Medium	Twitch	Free
Audit and Enforce Least-Privilege IAM Permissions	Easy	Amazon	Free
Create Route 53 Hosted Zone and DNS Records	Easy	Kayak	Free
Create Route 53 Health Checks	Easy	Autodesk	Free
Build a Serverless API with Lambda, API Gateway, and DynamoDB	Hard	Amazon	Free
Deploy an Internal Web App with VPC, EC2, ALB, and Route 53	Hard	Lyft	Free
Managing High I/O Processes	Easy	Revolut	Free
Analyzing Log Partition Usage	Medium	RedHat	Free
Using Unmounted Partitions	Medium	RedHat	Free
Tracing Log File Writes	Easy	Bloomberg	Free
Port Conflict Resolution	Easy	Datadog	Free
Diagnose Nginx CPU Bottleneck	Easy	Palantir	Free
Debug SSH Lockout	Medium	TCS	Free
Monitoring Process Ownership	Medium	HashiCorp	Free
Rapid Disk Growth on /var	Hard	Google	Free
Detect Memory Leak by Monitoring RSS	Medium	Google	Free
Fix Inode Exhaustion Issue	Medium	DeutscheBank	Free
Fix HTTPS Certificate Error	Medium	GitHub	Free
Real-Time Log Timestamping	Medium	Adobe	Free
Manage Service Failure Recovery	Hard	Apple	Free
Nginx Rate Limit Calculation	Hard	Cloudflare	Free
Update Cloud Configs	Medium	Stripe	Free
Automated Archive and Retention	Hard	Microsoft	Free
Trace Process Service Ownership	Hard	NVIDIA	Free
Handling Large Log Archives	Easy	Amazon	Free
Upload-Safe File Partitioning	Medium	GoDaddy	Free
Fix Port Exhaustion for High-Speed Scraper	Medium	X	Free
Validating Network Routes	Medium	Google	Free
Validating DNS Consistency	Easy	SAP	Free
Network Packet Loss Diagnosis	Easy	Cloudflare	Free
Network Port Service Cleanup	Easy	Apple	Free
Temporary Route Configuration	Easy	Spotify	Free
Inspecting HTTP Traffic Flow	Medium	Airbnb	Free
Network Socket Usage Analysis	Easy	SAP	Free
Forward Traffic Between Ports	Medium	Meta	Free
Crashing Misconfigured Pod	Medium	Reddit	Free
Image Pull BackOff and Secrets	Medium	Datadog	Free
CronJob Schedule Misconfiguration	Medium	RedHat	Free
Traffic Splitting with Native Kubernetes	Medium	Adobe	Free
ConfigMap Reload with Sidecar	Medium	Yelp	Free
Implement StatefulSet with Stable DNS	Medium	Okta	Free
StorageClass and PVC Expansion	Medium	Datadog	Free
OOMKilled Pod Analysis & Fix	Medium	Accenture	Free
Secure Internal Service Communication	Medium	Dropbox	Free
CRD Schema Validation	Hard	Slack	Free
Dynamic Volume Expansion	Easy	EPAM	Free
Custom Resource Definition Setup	Medium	ActivisionBlizzard	Free
Create Namespace	Easy	Accenture	Free
Pod with Readiness Probe	Easy	Zscaler	Free
Pod Viewer Access	Easy	Reddit	Free
Insecure Container with Root User	Medium	Accenture	Free
Macvlan Network Configuration Fix	Hard	Uber	Free
Container CPU Limit Configuration	Easy	IBM	Free
Memory Limit and OOM Killer	Medium	DeliveryHero	Free
Graceful Shutdown with SIGTERM Handling	Medium	Robinhood	Free
Log Rotation Size Limit Configuration	Easy	DeliveryHero	Free
Docker Multi-Architecture Image	Easy	Accenture	Free
Docker Binary Architecture	Easy	Adobe	Free
Docker Storage Driver Performance	Medium	GitHub	Free
Docker Volume Cross-Platform Consistency	Easy	GitLab	Free
Optimize Dockerfile	Medium	Shopify	Free
Rebase Feature Branch onto Correct Base	Easy	Samsung	Free
Restore File to Previous Version	Medium	Slack	Free
Convert Remote from HTTPS to SSH	Easy	EPAM	Free
Rebase Feature Branch	Easy	GitHub	Free
Stash Work, Fix Bug, Restore and Update	Medium	IBM	Free
Remove Last Commit and Discard Changes	Easy	GitLab	Free
Shallow Clone Limited to Latest Commit	Easy	Elastic	Free
Checkout Single File from Another Branch	Easy	Twilio	Free
Remove File from Entire Git History	Medium	Netflix	Free
Merge Repositories Preserving Both Histories	Medium	Zscaler	Free
Fix Repository with Unrelated Histories	Medium	Zscaler	Free
Stage Only Specific Files	Easy	CrowdStrike	Free
Undo Commits but Keep Changes	Easy	CrowdStrike	Free
Cherry-Pick Specific Commit	Easy	Ubisoft	Free
Recover Lost Commits from Detached HEAD	Medium	Kayak	Free
Docker Image Tagging with Commit SHA	Medium	Microsoft	Free
Matrix Build Strategy	Medium	Spotify	Free
Multi-Job Workflow with Artifact Handoff	Medium	Anthropic	Free
Path-Based Workflow Execution	Medium	Coinbase	Free
Automated Rollback on Deployment Failure with Values File Restoration	Medium	NVIDIA	Free
Two Sum	Easy	Cloudflare	Free
Valid Palindrome	Easy	Capital One	Free
Best Time to Buy and Sell Stock	Easy	Palantir	Free
Valid Parentheses	Easy	Splunk	Free
Binary Search	Easy	Intel	Free
Group Anagrams	Medium	Netflix	Free
Top K Frequent Elements	Medium	Cloudflare	Free
Product of Array Except Self	Medium	Samsung	Free
Valid Sudoku	Medium	AMD	Free
Longest Consecutive Sequence	Medium	Meta	Free
Two Sum II - Input Array Is Sorted	Medium	Databricks	Free
Container With Most Water	Medium	Amazon	Free
Search a 2D Matrix	Medium	SAP	Free
Contains Duplicate	Easy	Apple	Free
Valid Anagram	Easy	Anthropic	Free

Need more practice in this area? Explore more questions →