API requests rate limited at 2/minute?

Four days ago, I setup a scheduled script that updates some of our DNS records with CF based on droplet tags we use with Digital Ocean.
When there are no changes, the script makes only 2 requests/minute to the Cloudflare API, which is far under the 1200/5 minute threshold mentioned in the docs. Yet, every morning at 1:05 AM, I get this message: Please wait and consider throttling your request speed
On Saturday and Sunday it also happened at 1:05 PM.

Even when the script IS updating (adding/removing) DNS records, I’ve never gotten an error, and shouldn’t, since at most there would be 20-30 requests in a given minute. It only happens at 1:05 AM/PM to about 1:09. I thought perhaps I had some script running at that time doing a ton of API requests, but I can’t find anything, and anyway, it seems a bit odd that 2 requests/minute would be enough to tip it over the “edge”.

Has anyone else seen anything like this, or have any ideas what might be happening?

From what I do understand, you’re are using Rate Limiting Rules at Cloudflare dashboard? :thinking:

Or rather that’s from Cloudflare Access? :thinking:

If so, they’d count towards all the requests to the path you defined. Be it the good ones like Google search indexing and crawling and real ones from real visitors, or from the bad ones from bots, scrapers, crawlers, Facebook sharing, etc.

It could also be from Cloudflare Worker, sometimes (if using them) :thinking:

Maybe if, have you take a look under the Security → Overview for firewall events, where from, if so and if using Rate Limiting Rules, are those requests coming from? :thinking:

Is your API token correct while using the Cloudflare API? :thinking:

Maybe there was some bug or issue with Cloudflare from Cloudflare Status page at that time (despite 2 days, same time …).

Are you using some online tool to check the uptime maybe?

or do some changes via API to your DNS records, which could count towards that? :thinking:
Or, maybe you have other API calls besides those, within same CF account, which is adding up to hit the limit?

No, I’m not using rate limiting rules with Cloudflare. I’m making GET/POST/DELETE HTTP requests to the Cloudflare API via a PHP script using cURL. Specifically to the dns_records endpoint: Cloudflare API v4 Documentation

It’s the Cloudflare API that is rate limiting my server every morning from 1:05 AM to 1:09 AM. It happened again this morning, so it’s not missed a day–5 days straight at this point. Yes, my token is correct, or nothing would work :slight_smile:
The script runs every minute and the only time it ever throws an error is from 1:05 AM to 1:09 AM. It even added records at 1:27 AM and to remove DNS records at 5:42 AM. Otherwise, when there’s nothing to add/remove, all it’s doing is 2 GET requests to the endpoint mentioned above.

This is what I thought would be the most likely culprit, but I’ve searched our entire code base and checked all our other scripts/scheduled tasks, and there is nothing that references the Cloudflare API except some old migration scripts, and those haven’t been run in several years :slight_smile: