Hi there, Nginx is indeed managing rate limiting as you stated but Discourse also has it’s own way to manage rate limiting at application level. Sam has an interesting piece on this :
The only thing I’m wondering is if we can indeed rate limit with exceptions (i.e. whitelist IPs through those rules). I’m still searching for a way to do this…