If I enable rate limiting, will DDoS 's requests be charged as a request with CF workers?
i’m worried about any surprises with DDoS bill etc.
is there a way to limit the spend too like AWS etc?
You can’t limit the spend, but yes rate limiting will prevent the worker from running/you being charged for a worker invocation. Rate limiting is now free and unmetered: Back in 2017 we gave you Unmetered DDoS Mitigation, here's a birthday gift: Unmetered Rate Limiting. Just put your worker on your domain via a worker custom domain or a route, and disable the default workers.dev route, and then you can take advantage of the unmetered rate limiting, firewall rules, waf, etc, to protect your worker.
2 Likes