CF ratelimit requests on website

What is the name of the domain?

octopad.ch

What is the issue you’re encountering

I have an app that dispatches calls to online users. Once logged in, the user can toggle their presence by pressing on a button (behind it, fire request to an API). This was working fine before adding my website to CF. Now, the user has to click the button a random number of times before reaching the original server and toggling their online status. Not sure what else to do here, besides disabling CF for the time being.

What steps have you taken to resolve the issue?

• Added a rule to disable cache on the concerned page
• Then, for the whole domain
• I checked my server access logs. Users’ requests are not hitting my server, only those that pass after a certain time.
• Security > settings > security level set essentially off

Hi @sahbi21,

Check your WAF Security Events page for any traffic that may be getting blocked by the WAF. Security Events · Cloudflare Web Application Firewall (WAF) docs

If you do find that the WAF is blocking your API traffic, you can create a Custom Rule to allowlist your API.

Hi @bujangnim,
Thanks for your suggestion. I have checked that page, and I don’t see any security event. However, I saw on my dashboard that I have 499 status codes related to that endpoint. Mobile Safari seems to be the only one affected by this issue. On the Desktop, it is working fine. I believe it’s something related to iOS Safari that seems to close requests too soon!!

This topic was automatically closed after 15 days. New replies are no longer allowed.