diff --git a/controllers/nginx/pkg/template/template.go b/controllers/nginx/pkg/template/template.go
index e484ffe1d..5ae525b35 100644
--- a/controllers/nginx/pkg/template/template.go
+++ b/controllers/nginx/pkg/template/template.go
@@ -342,8 +342,7 @@ var (
 
 func buildWhitelistVariable(s string) string {
 	if _, ok := whitelistVarMap[s]; !ok {
-		str := base64.URLEncoding.EncodeToString([]byte(s))
-		whitelistVarMap[s] = strings.Replace(str, "=", "", -1)
+		whitelistVarMap[s] = fmt.Sprintf("whitelist_%v", uuid.New())
 	}
 
 	return whitelistVarMap[s]
diff --git a/controllers/nginx/rootfs/etc/nginx/template/nginx.tmpl b/controllers/nginx/rootfs/etc/nginx/template/nginx.tmpl
index dbff90747..193f997cf 100644
--- a/controllers/nginx/rootfs/etc/nginx/template/nginx.tmpl
+++ b/controllers/nginx/rootfs/etc/nginx/template/nginx.tmpl
@@ -289,13 +289,15 @@ http {
     {{ end }}
     {{ end }}
     {{ if ne $location.RateLimit.Name "" }}
-    geo ${{ buildWhitelistVariable $location.RateLimit.Name }}_whitelist {
+    # Ratelimit {{ $location.RateLimit.Name }}
+    geo $whitelist_{{ buildWhitelistVariable $location.RateLimit.Name }} {
         default 0;
         {{ range $ip := $location.RateLimit.Whitelist }}
         {{ $ip }} 1;{{ end }}
     }
 
-    map ${{ buildWhitelistVariable $location.RateLimit.Name }}_whitelist ${{ buildWhitelistVariable $location.RateLimit.Name }}_limit {
+    # Ratelimit {{ $location.RateLimit.Name }}
+    map $whitelist_{{ buildWhitelistVariable $location.RateLimit.Name }} ${{ buildWhitelistVariable $location.RateLimit.Name }}_limit {
         0 {{ $cfg.LimitConnZoneVariable }};
         1 "";
     }