{"id":3380,"date":"2026-02-16T23:25:33","date_gmt":"2026-02-17T02:25:33","guid":{"rendered":"https:\/\/helpsysadmin.com.br\/blog\/?p=3380"},"modified":"2026-04-20T14:51:21","modified_gmt":"2026-04-20T17:51:21","slug":"mitigar-ddos-nginx-csf-rate-limiting","status":"publish","type":"post","link":"https:\/\/helpsysadmin.com.br\/blog\/mitigar-ddos-nginx-csf-rate-limiting\/","title":{"rendered":"Mitigando DDoS no Nginx e CSF: Guia Pr\u00e1tico de Rate Limiting"},"content":{"rendered":"<div id=\"helps-2618824912\" class=\"helps-before-content-2 helps-entity-placement\"><script async src=\"https:\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-3661896953164277\"\r\n     crossorigin=\"anonymous\"><\/script>\r\n<!-- 2anuncios display quadrado -->\r\n<ins class=\"adsbygoogle\"\r\n     style=\"display:block\"\r\n     data-ad-client=\"ca-pub-3661896953164277\"\r\n     data-ad-slot=\"5051229894\"\r\n     data-ad-format=\"auto\"\r\n     data-full-width-responsive=\"true\"><\/ins>\r\n<script>\r\n     (adsbygoogle = window.adsbygoogle || []).push({});\r\n<\/script><\/div>\n<p class=\"wp-block-paragraph\">Mitigando DDoS no Nginx e CSF. Ataques DDoS nem sempre s\u00e3o gigantescos. Muitas vezes, o que derruba seu servidor \u00e9 um <strong>HTTP flood simples<\/strong>, explorando login, XML-RPC ou APIs mal protegidas.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Neste guia voc\u00ea aprender\u00e1 como <strong>mitigar DDoS no Nginx<\/strong> usando rate limiting e complementar a prote\u00e7\u00e3o com o ConfigServer Security &amp; Firewall.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">A estrat\u00e9gia \u00e9 simples: <strong>defesa em camadas<\/strong>.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-o-que-e-rate-limiting-no-nginx\">\ud83d\udd25 O que \u00e9 Rate Limiting no Nginx?<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">O <strong><a href=\"https:\/\/nginx.org\/\" target=\"_blank\" rel=\"noreferrer noopener\">Nginx<\/a><\/strong> possui m\u00f3dulos nativos que limitam requisi\u00e7\u00f5es por IP, evitando abusos antes que eles consumam CPU e mem\u00f3ria.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Ele atua na camada HTTP, bloqueando floods direcionados.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-configurando-rate-limiting-no-nginx\">\u2699\ufe0f Configurando Rate Limiting no Nginx<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-1-criando-a-zona-de-controle\">1\ufe0f\u20e3 Criando a zona de controle<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">No bloco <code>http {}<\/code> do nginx.conf:<\/p>\n\n\n\n<div class=\"wp-block-codemirror-blocks-code-block code-block\"><pre>limit_req_zone $binary_remote_addr zone=limit_per_ip:10m rate=5r\/s;\nlimit_conn_zone $binary_remote_addr zone=conn_per_ip:10m;\n<\/pre><\/div>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"h-explicacao\">Explica\u00e7\u00e3o:<\/h4>\n\n\n\n<ul class=\"wp-block-list\">\n<li><code>5r\/s<\/code> \u2192 5 requisi\u00e7\u00f5es por segundo por IP<\/li>\n\n\n\n<li><code>10m<\/code> \u2192 armazena milhares de IPs na mem\u00f3ria<\/li>\n\n\n\n<li>Controle de conex\u00f5es simult\u00e2neas<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-2-aplicando-no-server\">2\ufe0f\u20e3 Aplicando no server<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Dentro do bloco <code>server {}<\/code>:<\/p>\n\n\n\n<div class=\"wp-block-codemirror-blocks-code-block code-block\"><pre>limit_req zone=limit_per_ip burst=10 nodelay;\nlimit_conn conn_per_ip 20;\n<\/pre><\/div>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"h-o-que-isso-faz\">O que isso faz:<\/h4>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Permite pequenos picos (burst)<\/li>\n\n\n\n<li>Bloqueia excesso imediatamente<\/li>\n\n\n\n<li>Limita conex\u00f5es simult\u00e2neas por IP<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-3-protegendo-endpoints-criticos-wordpress\">3\ufe0f\u20e3 Protegendo endpoints cr\u00edticos (WordPress)<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"h-xml-rpc\">XML-RPC<\/h4>\n\n\n\n<div class=\"wp-block-codemirror-blocks-code-block code-block\"><pre>location = \/xmlrpc.php {\n    limit_req zone=limit_per_ip burst=5 nodelay;\n}\n<\/pre><\/div>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"h-login\">Login<\/h4>\n\n\n\n<div class=\"wp-block-codemirror-blocks-code-block code-block\"><pre>location = \/wp-login.php {\n    limit_req zone=limit_per_ip burst=3 nodelay;\n}\n<\/pre><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">Isso reduz drasticamente brute force e HTTP floods.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-reforcando-com-csf-firewall\">\ud83d\udee1\ufe0f Refor\u00e7ando com CSF Firewall<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">O ConfigServer Security &amp; Firewall adiciona prote\u00e7\u00e3o em n\u00edvel de firewall, bloqueando IPs abusivos.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Arquivo de configura\u00e7\u00e3o:<\/p>\n\n\n\n<div class=\"wp-block-codemirror-blocks-code-block code-block\"><pre>\/etc\/csf\/csf.conf\n<\/pre><\/div>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-protecao-contra-syn-flood\">\ud83d\udd39 Prote\u00e7\u00e3o contra SYN Flood<\/h3>\n\n\n\n<div class=\"wp-block-codemirror-blocks-code-block code-block\"><pre>SYNFLOOD = &quot;1&quot;\nSYNFLOOD_RATE = &quot;50\/s&quot;\nSYNFLOOD_BURST = &quot;200&quot;\n<\/pre><\/div>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-limite-de-conexoes\">\ud83d\udd39 Limite de conex\u00f5es<\/h3>\n\n\n\n<div class=\"wp-block-codemirror-blocks-code-block code-block\"><pre>CT_LIMIT = &quot;100&quot;\nCT_INTERVAL = &quot;30&quot;\nCT_BLOCK_TIME = &quot;1800&quot;\n<\/pre><\/div>\n\n\n\n<p class=\"wp-block-paragraph\">Se um IP exceder 100 conex\u00f5es em 30 segundos, ser\u00e1 bloqueado por 30 minutos.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-protecao-http-basica\">\ud83d\udd39 Prote\u00e7\u00e3o HTTP b\u00e1sica<\/h3>\n\n\n\n<div class=\"wp-block-codemirror-blocks-code-block code-block\"><pre>PORTFLOOD = &quot;80;tcp;20;5,443;tcp;20;5&quot;\n<\/pre><\/div>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-estrategia-de-defesa-em-camadas\">\ud83e\udde0 Estrat\u00e9gia de Defesa em Camadas<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Para mitigar DDoS no <strong><a href=\"https:\/\/nginx.org\/\" target=\"_blank\" rel=\"noreferrer noopener\">Nginx<\/a><\/strong> de forma eficiente:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>CDN (Cloudflare ou similar)<\/li>\n\n\n\n<li>Rate limiting no Nginx<\/li>\n\n\n\n<li>CSF Firewall bloqueando abuso<\/li>\n\n\n\n<li>Ajustes no kernel <a href=\"https:\/\/helpsysadmin.com.br\/blog\/como-instalar-crowdsec\/\" data-internallinksmanager029f6b8e52c=\"1\" title=\"Como instalar Crowdsec\" target=\"_blank\" rel=\"noopener\">Linux<\/a><\/li>\n\n\n\n<li>Monitoramento ativo<\/li>\n<\/ol>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-erros-comuns\">\u26a0\ufe0f Erros Comuns<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">\u274c <a href=\"https:\/\/helpsysadmin.com.br\/blog\/configurar-login-automatico-phpmyadmin\/\" data-internallinksmanager029f6b8e52c=\"3\" title=\"Como Configurar Login Autom\u00e1tico no phpMyAdmin via DirectAdmin\">Configurar<\/a> rate muito baixo e bloquear usu\u00e1rios reais<br>\u274c Esquecer IPv6<br>\u274c N\u00e3o considerar IP real quando usa proxy\/CDN<br>\u274c Bloquear Googlebot por limite agressivo<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-caso-real\">\ud83d\udcca Caso Real<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Ap\u00f3s aplicar rate limiting no Nginx + CSF:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Load average caiu de 6.0 \u2192 0.8<\/li>\n\n\n\n<li>Redu\u00e7\u00e3o de 70% nas conex\u00f5es simult\u00e2neas<\/li>\n\n\n\n<li>Fim de ataques XML-RPC<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-conclusao\">\u2705 Conclus\u00e3o<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Mitigar DDoS no Nginx com rate limiting \u00e9 uma solu\u00e7\u00e3o eficiente contra ataques HTTP simples.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Quando combinado com CSF Firewall, voc\u00ea cria uma prote\u00e7\u00e3o s\u00f3lida, leve e eficaz para VPS e servidores dedicados.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">N\u00e3o substitui uma prote\u00e7\u00e3o de borda, mas impede que ataques pequenos derrubem sua infraestrutura.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-faq\">FAQ<\/h2>\n\n\n\n<div class=\"schema-faq wp-block-yoast-faq-block\"><div class=\"schema-faq-section\" id=\"faq-question-1771211405171\"><strong class=\"schema-faq-question\">O rate limiting do Nginx substitui um firewall?<\/strong> <p class=\"schema-faq-answer\">N\u00e3o. Ele atua na camada HTTP. O ideal \u00e9 combinar com firewall como <strong><a href=\"https:\/\/docs.configserver.dev\/\">CSF<\/a><\/strong>.<\/p> <\/div> <div class=\"schema-faq-section\" id=\"faq-question-1771211419223\"><strong class=\"schema-faq-question\">Posso usar limites agressivos?<\/strong> <p class=\"schema-faq-answer\">Depende do seu tr\u00e1fego. Sites com cache permitem limites mais restritivos.<\/p> <\/div> <div class=\"schema-faq-section\" id=\"faq-question-1771211445295\"><strong class=\"schema-faq-question\">Isso funciona com WordPress?<\/strong> <p class=\"schema-faq-answer\">Sim. Principalmente para proteger login e XML-RPC.<\/p> <\/div> <div class=\"schema-faq-section\" id=\"faq-question-1771211472607\"><strong class=\"schema-faq-question\">Rate limiting impacta SEO?<\/strong> <p class=\"schema-faq-answer\">Se mal configurado, pode bloquear bots leg\u00edtimos. Ajuste corretamente.<\/p> <\/div> <\/div>\n","protected":false},"excerpt":{"rendered":"<p>Mitigando DDoS no Nginx e CSF. Ataques DDoS nem sempre s\u00e3o gigantescos. Muitas vezes, o que derruba seu servidor \u00e9 um HTTP [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":3381,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4197],"tags":[3503,3501,3495,3507,3509,3493,3499,3505,3497],"class_list":["post-3380","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-seguranca-e-hardening","tag-configserver-security-firewall","tag-csf-firewall","tag-ddos-linux","tag-firewall-linux-2","tag-hardening-de-servidor","tag-mitigar-ddos-no-nginx","tag-nginx-security","tag-protecao-contra-ddos","tag-rate-limiting-nginx"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.9 (Yoast SEO v27.9) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Mitigar DDoS no Nginx e CSF: Rate Limiting Pr\u00e1tico no Linux<\/title>\n<meta name=\"description\" content=\"Aprenda como mitigar DDoS no Nginx usando rate limiting e refor\u00e7ar a prote\u00e7\u00e3o com CSF Firewall. Guia pr\u00e1tico com exemplos reais e configura\u00e7\u00f5es seguras.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/helpsysadmin.com.br\/blog\/mitigar-ddos-nginx-csf-rate-limiting\/\" \/>\n<meta property=\"og:locale\" content=\"pt_BR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Mitigando DDoS no Nginx e CSF: Guia Pr\u00e1tico de Rate Limiting\" \/>\n<meta property=\"og:description\" content=\"Aprenda como mitigar DDoS no Nginx usando rate limiting e refor\u00e7ar a prote\u00e7\u00e3o com CSF Firewall. Guia pr\u00e1tico com exemplos reais e configura\u00e7\u00f5es seguras.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/helpsysadmin.com.br\/blog\/mitigar-ddos-nginx-csf-rate-limiting\/\" \/>\n<meta property=\"og:site_name\" content=\"Blog HelpSysAdmin\" \/>\n<meta property=\"article:published_time\" content=\"2026-02-17T02:25:33+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-04-20T17:51:21+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/mlkpd8g42nae.i.optimole.com\/w:auto\/h:auto\/q:mauto\/f:best\/https:\/\/helpsysadmin.com.br\/blog\/wp-content\/uploads\/2026\/02\/nginx_csf.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"493\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/webp\" \/>\n<meta name=\"author\" content=\"HelpSysAdmin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@brhelpsysad\" \/>\n<meta name=\"twitter:site\" content=\"@brhelpsysad\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/mitigar-ddos-nginx-csf-rate-limiting\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/mitigar-ddos-nginx-csf-rate-limiting\\\/\"},\"author\":{\"name\":\"HelpSysAdmin\",\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/#\\\/schema\\\/person\\\/bdbe3d7d71a0c6a3cb474c18da574efb\"},\"headline\":\"Mitigando DDoS no Nginx e CSF: Guia Pr\u00e1tico de Rate Limiting\",\"datePublished\":\"2026-02-17T02:25:33+00:00\",\"dateModified\":\"2026-04-20T17:51:21+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/mitigar-ddos-nginx-csf-rate-limiting\\\/\"},\"wordCount\":437,\"publisher\":{\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/mitigar-ddos-nginx-csf-rate-limiting\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\/\\/helpsysadmin.com.br\\/blog\\/wp-content\\/uploads\\/2026\\/02\\/nginx_csf.webp\",\"keywords\":[\"ConfigServer Security &amp; Firewall\",\"csf firewall\",\"ddos linux\",\"firewall linux\",\"hardening de servidor\",\"mitigar ddos no nginx\",\"nginx security\",\"prote\u00e7\u00e3o contra ddos\",\"rate limiting nginx\"],\"articleSection\":[\"Seguran\u00e7a e Hardening\"],\"inLanguage\":\"pt-BR\"},{\"@type\":[\"WebPage\",\"FAQPage\"],\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/mitigar-ddos-nginx-csf-rate-limiting\\\/\",\"url\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/mitigar-ddos-nginx-csf-rate-limiting\\\/\",\"name\":\"Mitigar DDoS no Nginx e CSF: Rate Limiting Pr\u00e1tico no Linux\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/mitigar-ddos-nginx-csf-rate-limiting\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/mitigar-ddos-nginx-csf-rate-limiting\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\/\\/helpsysadmin.com.br\\/blog\\/wp-content\\/uploads\\/2026\\/02\\/nginx_csf.webp\",\"datePublished\":\"2026-02-17T02:25:33+00:00\",\"dateModified\":\"2026-04-20T17:51:21+00:00\",\"description\":\"Aprenda como mitigar DDoS no Nginx usando rate limiting e refor\u00e7ar a prote\u00e7\u00e3o com CSF Firewall. Guia pr\u00e1tico com exemplos reais e configura\u00e7\u00f5es seguras.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/mitigar-ddos-nginx-csf-rate-limiting\\\/#breadcrumb\"},\"mainEntity\":[{\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/mitigar-ddos-nginx-csf-rate-limiting\\\/#faq-question-1771211405171\"},{\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/mitigar-ddos-nginx-csf-rate-limiting\\\/#faq-question-1771211419223\"},{\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/mitigar-ddos-nginx-csf-rate-limiting\\\/#faq-question-1771211445295\"},{\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/mitigar-ddos-nginx-csf-rate-limiting\\\/#faq-question-1771211472607\"}],\"inLanguage\":\"pt-BR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/mitigar-ddos-nginx-csf-rate-limiting\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/mitigar-ddos-nginx-csf-rate-limiting\\\/#primaryimage\",\"url\":\"https:\\/\\/helpsysadmin.com.br\\/blog\\/wp-content\\/uploads\\/2026\\/02\\/nginx_csf.webp\",\"contentUrl\":\"https:\\/\\/helpsysadmin.com.br\\/blog\\/wp-content\\/uploads\\/2026\\/02\\/nginx_csf.webp\",\"width\":1024,\"height\":493},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/mitigar-ddos-nginx-csf-rate-limiting\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Mitigando DDoS no Nginx e CSF: Guia Pr\u00e1tico de Rate Limiting\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/\",\"name\":\"Blog HelpSysAdmin\",\"description\":\"Webserver linux blog\",\"publisher\":{\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/#organization\"},\"alternateName\":\"HelpSysAdmin Blog\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"pt-BR\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/#organization\",\"name\":\"HelpSysAdmin Gerenciamento de Servidores\",\"alternateName\":\"HelpSysAdmin\",\"url\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\/\\/mlkpd8g42nae.i.optimole.com\\/w:512\\/h:512\\/q:mauto\\/f:best\\/https:\\/\\/helpsysadmin.com.br\\/blog\\/wp-content\\/uploads\\/2020\\/12\\/favicon.png\",\"contentUrl\":\"https:\\/\\/mlkpd8g42nae.i.optimole.com\\/w:512\\/h:512\\/q:mauto\\/f:best\\/https:\\/\\/helpsysadmin.com.br\\/blog\\/wp-content\\/uploads\\/2020\\/12\\/favicon.png\",\"width\":512,\"height\":512,\"caption\":\"HelpSysAdmin Gerenciamento de Servidores\"},\"image\":{\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/brhelpsysad\",\"https:\\\/\\\/mastodon.social\\\/@helpsysadmin\"],\"description\":\"Oferecemos o gerenciamento de servidores dedicados, vps ou cloud. Apresentamos a melhor experi\u00eancia em atendimento e servi\u00e7o. Nosso time cuidar\u00e1 do seu servidor com backups, an\u00e1lises constantes, ajustes de seguran\u00e7a, realiza\u00e7\u00e3o de manuten\u00e7\u00e3o preventiva e corretiva, otimiza\u00e7\u00e3o de performance al\u00e9m de monitoramento 24\u00d77 com suporte Pr\u00f3 Ativo.\",\"numberOfEmployees\":{\"@type\":\"QuantitativeValue\",\"minValue\":\"1\",\"maxValue\":\"10\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/#\\\/schema\\\/person\\\/bdbe3d7d71a0c6a3cb474c18da574efb\",\"name\":\"HelpSysAdmin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/efc0007e6a313a844b72de257e05c6083b07b6ecc6983a4f71e06293ff2e22fd?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/efc0007e6a313a844b72de257e05c6083b07b6ecc6983a4f71e06293ff2e22fd?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/efc0007e6a313a844b72de257e05c6083b07b6ecc6983a4f71e06293ff2e22fd?s=96&d=mm&r=g\",\"caption\":\"HelpSysAdmin\"},\"sameAs\":[\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/\"]},{\"@type\":\"Question\",\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/mitigar-ddos-nginx-csf-rate-limiting\\\/#faq-question-1771211405171\",\"position\":1,\"url\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/mitigar-ddos-nginx-csf-rate-limiting\\\/#faq-question-1771211405171\",\"name\":\"O rate limiting do Nginx substitui um firewall?\",\"answerCount\":1,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"N\u00e3o. Ele atua na camada HTTP. O ideal \u00e9 combinar com firewall como <strong><a href=\\\"https:\\\/\\\/docs.configserver.dev\\\/\\\">CSF<\\\/a><\\\/strong>.\",\"inLanguage\":\"pt-BR\"},\"inLanguage\":\"pt-BR\"},{\"@type\":\"Question\",\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/mitigar-ddos-nginx-csf-rate-limiting\\\/#faq-question-1771211419223\",\"position\":2,\"url\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/mitigar-ddos-nginx-csf-rate-limiting\\\/#faq-question-1771211419223\",\"name\":\"Posso usar limites agressivos?\",\"answerCount\":1,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"Depende do seu tr\u00e1fego. Sites com cache permitem limites mais restritivos.\",\"inLanguage\":\"pt-BR\"},\"inLanguage\":\"pt-BR\"},{\"@type\":\"Question\",\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/mitigar-ddos-nginx-csf-rate-limiting\\\/#faq-question-1771211445295\",\"position\":3,\"url\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/mitigar-ddos-nginx-csf-rate-limiting\\\/#faq-question-1771211445295\",\"name\":\"Isso funciona com WordPress?\",\"answerCount\":1,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"Sim. Principalmente para proteger login e XML-RPC.\",\"inLanguage\":\"pt-BR\"},\"inLanguage\":\"pt-BR\"},{\"@type\":\"Question\",\"@id\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/mitigar-ddos-nginx-csf-rate-limiting\\\/#faq-question-1771211472607\",\"position\":4,\"url\":\"https:\\\/\\\/helpsysadmin.com.br\\\/blog\\\/mitigar-ddos-nginx-csf-rate-limiting\\\/#faq-question-1771211472607\",\"name\":\"Rate limiting impacta SEO?\",\"answerCount\":1,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"Se mal configurado, pode bloquear bots leg\u00edtimos. Ajuste corretamente.\",\"inLanguage\":\"pt-BR\"},\"inLanguage\":\"pt-BR\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Mitigar DDoS no Nginx e CSF: Rate Limiting Pr\u00e1tico no Linux","description":"Aprenda como mitigar DDoS no Nginx usando rate limiting e refor\u00e7ar a prote\u00e7\u00e3o com CSF Firewall. Guia pr\u00e1tico com exemplos reais e configura\u00e7\u00f5es seguras.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/helpsysadmin.com.br\/blog\/mitigar-ddos-nginx-csf-rate-limiting\/","og_locale":"pt_BR","og_type":"article","og_title":"Mitigando DDoS no Nginx e CSF: Guia Pr\u00e1tico de Rate Limiting","og_description":"Aprenda como mitigar DDoS no Nginx usando rate limiting e refor\u00e7ar a prote\u00e7\u00e3o com CSF Firewall. Guia pr\u00e1tico com exemplos reais e configura\u00e7\u00f5es seguras.","og_url":"https:\/\/helpsysadmin.com.br\/blog\/mitigar-ddos-nginx-csf-rate-limiting\/","og_site_name":"Blog HelpSysAdmin","article_published_time":"2026-02-17T02:25:33+00:00","article_modified_time":"2026-04-20T17:51:21+00:00","og_image":[{"width":1024,"height":493,"url":"https:\/\/mlkpd8g42nae.i.optimole.com\/w:auto\/h:auto\/q:mauto\/f:best\/https:\/\/helpsysadmin.com.br\/blog\/wp-content\/uploads\/2026\/02\/nginx_csf.webp","type":"image\/webp"}],"author":"HelpSysAdmin","twitter_card":"summary_large_image","twitter_creator":"@brhelpsysad","twitter_site":"@brhelpsysad","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/helpsysadmin.com.br\/blog\/mitigar-ddos-nginx-csf-rate-limiting\/#article","isPartOf":{"@id":"https:\/\/helpsysadmin.com.br\/blog\/mitigar-ddos-nginx-csf-rate-limiting\/"},"author":{"name":"HelpSysAdmin","@id":"https:\/\/helpsysadmin.com.br\/blog\/#\/schema\/person\/bdbe3d7d71a0c6a3cb474c18da574efb"},"headline":"Mitigando DDoS no Nginx e CSF: Guia Pr\u00e1tico de Rate Limiting","datePublished":"2026-02-17T02:25:33+00:00","dateModified":"2026-04-20T17:51:21+00:00","mainEntityOfPage":{"@id":"https:\/\/helpsysadmin.com.br\/blog\/mitigar-ddos-nginx-csf-rate-limiting\/"},"wordCount":437,"publisher":{"@id":"https:\/\/helpsysadmin.com.br\/blog\/#organization"},"image":{"@id":"https:\/\/helpsysadmin.com.br\/blog\/mitigar-ddos-nginx-csf-rate-limiting\/#primaryimage"},"thumbnailUrl":"https:\/\/mlkpd8g42nae.i.optimole.com\/w:auto\/h:auto\/q:mauto\/f:best\/https:\/\/helpsysadmin.com.br\/blog\/wp-content\/uploads\/2026\/02\/nginx_csf.webp","keywords":["ConfigServer Security &amp; Firewall","csf firewall","ddos linux","firewall linux","hardening de servidor","mitigar ddos no nginx","nginx security","prote\u00e7\u00e3o contra ddos","rate limiting nginx"],"articleSection":["Seguran\u00e7a e Hardening"],"inLanguage":"pt-BR"},{"@type":["WebPage","FAQPage"],"@id":"https:\/\/helpsysadmin.com.br\/blog\/mitigar-ddos-nginx-csf-rate-limiting\/","url":"https:\/\/helpsysadmin.com.br\/blog\/mitigar-ddos-nginx-csf-rate-limiting\/","name":"Mitigar DDoS no Nginx e CSF: Rate Limiting Pr\u00e1tico no Linux","isPartOf":{"@id":"https:\/\/helpsysadmin.com.br\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/helpsysadmin.com.br\/blog\/mitigar-ddos-nginx-csf-rate-limiting\/#primaryimage"},"image":{"@id":"https:\/\/helpsysadmin.com.br\/blog\/mitigar-ddos-nginx-csf-rate-limiting\/#primaryimage"},"thumbnailUrl":"https:\/\/mlkpd8g42nae.i.optimole.com\/w:auto\/h:auto\/q:mauto\/f:best\/https:\/\/helpsysadmin.com.br\/blog\/wp-content\/uploads\/2026\/02\/nginx_csf.webp","datePublished":"2026-02-17T02:25:33+00:00","dateModified":"2026-04-20T17:51:21+00:00","description":"Aprenda como mitigar DDoS no Nginx usando rate limiting e refor\u00e7ar a prote\u00e7\u00e3o com CSF Firewall. Guia pr\u00e1tico com exemplos reais e configura\u00e7\u00f5es seguras.","breadcrumb":{"@id":"https:\/\/helpsysadmin.com.br\/blog\/mitigar-ddos-nginx-csf-rate-limiting\/#breadcrumb"},"mainEntity":[{"@id":"https:\/\/helpsysadmin.com.br\/blog\/mitigar-ddos-nginx-csf-rate-limiting\/#faq-question-1771211405171"},{"@id":"https:\/\/helpsysadmin.com.br\/blog\/mitigar-ddos-nginx-csf-rate-limiting\/#faq-question-1771211419223"},{"@id":"https:\/\/helpsysadmin.com.br\/blog\/mitigar-ddos-nginx-csf-rate-limiting\/#faq-question-1771211445295"},{"@id":"https:\/\/helpsysadmin.com.br\/blog\/mitigar-ddos-nginx-csf-rate-limiting\/#faq-question-1771211472607"}],"inLanguage":"pt-BR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/helpsysadmin.com.br\/blog\/mitigar-ddos-nginx-csf-rate-limiting\/"]}]},{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/helpsysadmin.com.br\/blog\/mitigar-ddos-nginx-csf-rate-limiting\/#primaryimage","url":"https:\/\/mlkpd8g42nae.i.optimole.com\/w:auto\/h:auto\/q:mauto\/f:best\/https:\/\/helpsysadmin.com.br\/blog\/wp-content\/uploads\/2026\/02\/nginx_csf.webp","contentUrl":"https:\/\/mlkpd8g42nae.i.optimole.com\/w:auto\/h:auto\/q:mauto\/f:best\/https:\/\/helpsysadmin.com.br\/blog\/wp-content\/uploads\/2026\/02\/nginx_csf.webp","width":1024,"height":493},{"@type":"BreadcrumbList","@id":"https:\/\/helpsysadmin.com.br\/blog\/mitigar-ddos-nginx-csf-rate-limiting\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/helpsysadmin.com.br\/blog\/"},{"@type":"ListItem","position":2,"name":"Mitigando DDoS no Nginx e CSF: Guia Pr\u00e1tico de Rate Limiting"}]},{"@type":"WebSite","@id":"https:\/\/helpsysadmin.com.br\/blog\/#website","url":"https:\/\/helpsysadmin.com.br\/blog\/","name":"Blog HelpSysAdmin","description":"Webserver linux blog","publisher":{"@id":"https:\/\/helpsysadmin.com.br\/blog\/#organization"},"alternateName":"HelpSysAdmin Blog","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/helpsysadmin.com.br\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"pt-BR"},{"@type":"Organization","@id":"https:\/\/helpsysadmin.com.br\/blog\/#organization","name":"HelpSysAdmin Gerenciamento de Servidores","alternateName":"HelpSysAdmin","url":"https:\/\/helpsysadmin.com.br\/blog\/","logo":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/helpsysadmin.com.br\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/mlkpd8g42nae.i.optimole.com\/w:512\/h:512\/q:mauto\/f:best\/https:\/\/helpsysadmin.com.br\/blog\/wp-content\/uploads\/2020\/12\/favicon.png","contentUrl":"https:\/\/mlkpd8g42nae.i.optimole.com\/w:512\/h:512\/q:mauto\/f:best\/https:\/\/helpsysadmin.com.br\/blog\/wp-content\/uploads\/2020\/12\/favicon.png","width":512,"height":512,"caption":"HelpSysAdmin Gerenciamento de Servidores"},"image":{"@id":"https:\/\/helpsysadmin.com.br\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/brhelpsysad","https:\/\/mastodon.social\/@helpsysadmin"],"description":"Oferecemos o gerenciamento de servidores dedicados, vps ou cloud. Apresentamos a melhor experi\u00eancia em atendimento e servi\u00e7o. Nosso time cuidar\u00e1 do seu servidor com backups, an\u00e1lises constantes, ajustes de seguran\u00e7a, realiza\u00e7\u00e3o de manuten\u00e7\u00e3o preventiva e corretiva, otimiza\u00e7\u00e3o de performance al\u00e9m de monitoramento 24\u00d77 com suporte Pr\u00f3 Ativo.","numberOfEmployees":{"@type":"QuantitativeValue","minValue":"1","maxValue":"10"}},{"@type":"Person","@id":"https:\/\/helpsysadmin.com.br\/blog\/#\/schema\/person\/bdbe3d7d71a0c6a3cb474c18da574efb","name":"HelpSysAdmin","image":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/secure.gravatar.com\/avatar\/efc0007e6a313a844b72de257e05c6083b07b6ecc6983a4f71e06293ff2e22fd?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/efc0007e6a313a844b72de257e05c6083b07b6ecc6983a4f71e06293ff2e22fd?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/efc0007e6a313a844b72de257e05c6083b07b6ecc6983a4f71e06293ff2e22fd?s=96&d=mm&r=g","caption":"HelpSysAdmin"},"sameAs":["https:\/\/helpsysadmin.com.br\/blog\/"]},{"@type":"Question","@id":"https:\/\/helpsysadmin.com.br\/blog\/mitigar-ddos-nginx-csf-rate-limiting\/#faq-question-1771211405171","position":1,"url":"https:\/\/helpsysadmin.com.br\/blog\/mitigar-ddos-nginx-csf-rate-limiting\/#faq-question-1771211405171","name":"O rate limiting do Nginx substitui um firewall?","answerCount":1,"acceptedAnswer":{"@type":"Answer","text":"N\u00e3o. Ele atua na camada HTTP. O ideal \u00e9 combinar com firewall como <strong><a href=\"https:\/\/docs.configserver.dev\/\">CSF<\/a><\/strong>.","inLanguage":"pt-BR"},"inLanguage":"pt-BR"},{"@type":"Question","@id":"https:\/\/helpsysadmin.com.br\/blog\/mitigar-ddos-nginx-csf-rate-limiting\/#faq-question-1771211419223","position":2,"url":"https:\/\/helpsysadmin.com.br\/blog\/mitigar-ddos-nginx-csf-rate-limiting\/#faq-question-1771211419223","name":"Posso usar limites agressivos?","answerCount":1,"acceptedAnswer":{"@type":"Answer","text":"Depende do seu tr\u00e1fego. Sites com cache permitem limites mais restritivos.","inLanguage":"pt-BR"},"inLanguage":"pt-BR"},{"@type":"Question","@id":"https:\/\/helpsysadmin.com.br\/blog\/mitigar-ddos-nginx-csf-rate-limiting\/#faq-question-1771211445295","position":3,"url":"https:\/\/helpsysadmin.com.br\/blog\/mitigar-ddos-nginx-csf-rate-limiting\/#faq-question-1771211445295","name":"Isso funciona com WordPress?","answerCount":1,"acceptedAnswer":{"@type":"Answer","text":"Sim. Principalmente para proteger login e XML-RPC.","inLanguage":"pt-BR"},"inLanguage":"pt-BR"},{"@type":"Question","@id":"https:\/\/helpsysadmin.com.br\/blog\/mitigar-ddos-nginx-csf-rate-limiting\/#faq-question-1771211472607","position":4,"url":"https:\/\/helpsysadmin.com.br\/blog\/mitigar-ddos-nginx-csf-rate-limiting\/#faq-question-1771211472607","name":"Rate limiting impacta SEO?","answerCount":1,"acceptedAnswer":{"@type":"Answer","text":"Se mal configurado, pode bloquear bots leg\u00edtimos. Ajuste corretamente.","inLanguage":"pt-BR"},"inLanguage":"pt-BR"}]}},"lang":"pt","translations":{"pt":3380},"pll_sync_post":{},"_links":{"self":[{"href":"https:\/\/helpsysadmin.com.br\/blog\/wp-json\/wp\/v2\/posts\/3380","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/helpsysadmin.com.br\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/helpsysadmin.com.br\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/helpsysadmin.com.br\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/helpsysadmin.com.br\/blog\/wp-json\/wp\/v2\/comments?post=3380"}],"version-history":[{"count":3,"href":"https:\/\/helpsysadmin.com.br\/blog\/wp-json\/wp\/v2\/posts\/3380\/revisions"}],"predecessor-version":[{"id":3596,"href":"https:\/\/helpsysadmin.com.br\/blog\/wp-json\/wp\/v2\/posts\/3380\/revisions\/3596"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/helpsysadmin.com.br\/blog\/wp-json\/wp\/v2\/media\/3381"}],"wp:attachment":[{"href":"https:\/\/helpsysadmin.com.br\/blog\/wp-json\/wp\/v2\/media?parent=3380"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/helpsysadmin.com.br\/blog\/wp-json\/wp\/v2\/categories?post=3380"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/helpsysadmin.com.br\/blog\/wp-json\/wp\/v2\/tags?post=3380"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}