limit_req_zone $binary_remote_addr zone=per_ip:10m rate=10r/s; server { listen 80; listen [::]:80; listen 443 ssl; listen [::]:443 ssl; ssl_certificate /etc/nginx/certs/localhost/localhost.cert.pem; ssl_certificate_key /etc/nginx/certs/localhost/localhost.key.pem; ssl_trusted_certificate /etc/nginx/certs/localhost/localhost.fullchain.pem; client_max_body_size 10m; location / { proxy_pass http://app:3000; limit_req zone=per_ip nodelay; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } }