Apache APISIX Plugin Order Wrong
You encounter a apisix configuration issue that prevents your workflow from completing. This guide walks through the fix step by step.
Wrong ❌
{
"plugins": {
"key-auth": {},
"ip-restriction": {},
"limit-count": {},
"proxy-rewrite": {}
}
}
Wrong Output
Plugins execute in wrong order. Rate limiting applied before authentication. IP restriction applied after routing decisions.
Right ✅
{
"plugins": {
"ip-restriction": {},
"key-auth": {},
"limit-count": {},
"proxy-rewrite": {}
}
}
# Plugin execution order (configured via plugin-attach):
# 1. ip-restriction (before auth - save compute)
# 2. key-auth (authenticate first)
# 3. limit-count (after auth - track by user)
# 4. proxy-rewrite (before upstream proxy)
Right Output
Plugins execute in the correct order. Requests blocked at IP level before auth. Authenticated users tracked by rate limit.
Prevention
- Arrange plugins in logical order: security before business logic.
- Place ip-restriction before auth to save auth computation.
- Place Rate Limiting after auth to track by user identity.
- Place proxy-rewrite last before upstream proxy.
- Use plugin-metadata to debug execution order.
DodaTech applies similar defensive patterns across Doda Browser, DodaZIP, and Durga Antivirus Pro infrastructure for production reliability.
Common Mistakes with plugin order
- Using
headandtailinstead of pattern matching, causing runtime errors on empty lists - Forgetting that lazy evaluation defers computation until the value is forced, causing space leaks with unevaluated thunks
- Using
returnto exit a function early instead of wrapping a pure value in the monad
These mistakes appear frequently in real-world APISIX code. DodaTech's contributors have identified these patterns through analysis of open-source projects and production systems.
Practice Exercise
Write a pure function that safely divides two integers using Maybe, then test it with edge cases like division by zero and negative numbers.
This exercise reinforces the concepts covered in this guide. Try implementing it before checking online solutions.
FAQ
This quick fix is part of the DodaTech infrastructure engineering series. Learn more at DodaTech tutorials.
Built by the developers of DodaTech
Doda Browser, DodaZIP & Durga Antivirus Pro