Don't run workers for specific IPs


#1

Hi,

Is there / can there be a way to bypass workers if the request comes from a specific IP?

According to support, rate limiting applies when you have workers on your domain… since I make a lot of requests from my office IP, I hit the rate limit frequently. I’ve already had the rate doubled once, but I still hit it. A way to bypass the workers (and, I assume) the rate limit would be great.


#2

Here’s a script that includes a bypass for a specific IP address. Since Workers is touted as a way to trigger Cloudflare settings, maybe there’s a way to skip rate limiting from your IP address.

https://www.resdevops.com/2018/03/20/cloudflare-workers-maintenance-mode-static-page/


#3

Hi @foreverunique,

We’re happy to increase your rate limit. Please e-mail [email protected] with your zone name and a brief description of what you’re doing with Workers and we’ll update it.


#4

Just wondering, what is the rate limit?


#5

@matteo We apply various limits and other measures in order to make it hard to abuse Workers as a way to launch attacks on third parties. It’s not a simple limit – there are multiple factors, intended to try to avoid collateral damage, and the details are still changing. As with any anti-abuse measure, we do not document exactly what we do here, as doing so might allow attackers to more easily evade the measures. But, we are happy to lift limits if people are hitting them in legitimate use case.


#6

Understood @KentonVarda! I believe I won’t even come close to those limits…


#7

@KentonVarda the problem I have is that our office is hitting the rate limit, whereas (I believe) no-one else even comes close. In addition, the workers I’m using (geoip redirection) aren’t required for our office anyway. So I’m having to keep raising the limit when the people hitting the limit are then just ignored by the workers anyway… in addition, I’m being billed for that worker usage when all the worker is doing for requests from that IP is (basically) ignoring them.

If I could specify IPs in the same manner as I can specify routes to run the workers on, that would solve all my problems in one go. I know that, as currently implemented, I can’t do that… is there a way for me to suggest that to cloudflare?


#8

Hi @foreverunique,

There shouldn’t be any need to “keep raising the limit” – once we’ve lifted your limit then it doesn’t apply anymore at all. If that’s not what you’re seeing, something is wrong. Please contact [email protected] and tell us your domain so we can correct this.