Infinitewp HTTP Error 429

Answer these questions to help the Community help you with Security questions.

What is the domain name?

Have you searched for an answer?

Please share your search results url:"cloudflare"+"429"

When you tested your domain using the Cloudflare Diagnostic Center, what were the results?

Describe the issue you are having:
I use InfiniteWP to update all my staging sites. I have about 20 of these all setup as subdomains on one main website address. Everything worked fine until recently Cloudflare started rate limiting InfiniteWP. Tried everything I could think of but cannot resolve the issue.

What error message or number are you receiving?
HTTP Error 429: .

What steps have you taken to resolve the issue?

  1. Created WAF bypass rule for ip
  2. Created WAF bypass rule for infintitewp website address
  3. Added IP Access Rules for my IP and InfiniteWP website IP

Was the site working with SSL prior to adding it to Cloudflare?

What are the steps to reproduce the error:

Have you tried from another browser and/or incognito mode?

Please attach a screenshot of the error:

May I ask if you’re using Rate Limiting feature for your domain? :thinking:

Hi there, no rate limiting rules are set up:

Does anyone know how to solve 429 errors if there is no rate limiting defined on the free Cloudflare plan?

Hey there! That should be related with rate limiting. Cloudflare returns an HTTP 429 error for blocked requests.

HTTP 429 includes 429 responses returned from the origin if the origin web server also applies its own rate limiting.

The screenshots that you shared show first two another subdomains, and then a Firewall action “Allow” (that not exempt from action by other Cloudflare security products such as Bot Fight Mode, IP Access Rules, and Managed Rulesets), not so good to understand the scenario.

@AlphaK I cannot see anything blocked in my Cloudflare Firewall Activity log, bot fight mode is off and I have no rate limit rules or managed rulesets defined.

Does this mean it’s blocked at the host? Or is there somehow a place where I can see if it is caused by Cloudflare in a log somewhere?

Turns out rate limiting was on my iBrave host, even though it does not appear in any of the logs. They created a whitelist and now everything works perfectly!