Cloudflare API rate limit Protect my Login

Can i create a rate limit for a domain for using the “protect my login” feature from the API. If not does anyone know what the curl, basic settings would be 5 logins 5 min block.

The API lets you create a Rate Limit for any URL, including a wildcard.

Here’s an example:
curl -X POST "" \ -H "X-Auth-Email: [email protected]" \ -H "X-Auth-Key: c2547eb745079dac9320b638f5e225cf483cc5cfdda41" \ -H "Content-Type: application/json" \ --data '{"id":"372e67954025e0ba6aaa6d586b9e0b59","disabled":false,"description":"Prevent multiple login failures to mitigate brute force attacks","match":{"request":{"methods":["GET","POST"],"schemes":["HTTP","HTTPS"],"url":"**"},"response":{},"headers":[{"name":"Cf-Cache-Status","op":"ne","value":"HIT"}]},"bypass":[{"name":"url","value":"*"}],"threshold":60,"period":900,"action":{"mode":"challenge","timeout":86400,"response":{"content_type":"text/xml","body":"<error>This request has been rate-limited.</error>"}}}'

They have a feature called “protect my login” How can I find out what those settings would be so I can mimick this from an API call - Also are there limits as to for example how many Url’s I can add. Or can i use a wildcard - *.ourgreatapp.login

I’m not sure how it automatically configures the Login URL, but you can probably use the API to list it. The API docs show how you can wildcard the entry.

This topic was automatically closed after 30 days. New replies are no longer allowed.