Our API domain is receiving high traffic from a 3rd-party server, which reported that some API requests are being dropped or timing out after 10 seconds. Cloudflare Security Events logs show no activity from their IP, and our server logs indicate response times under 40 ms with status codes of 200. We need clarification on whether Cloudflare has unlogged blocking mechanisms or rate limits and how to prevent this issue.
We’re experiencing an issue with a 3rd-party server attempting to call our API on a proxied domain. The 3rd party reported that some of their API requests were either blocked or timed out by Cloudflare, stating that the connection is dropped after 10 seconds. Additionally, they are sending a high volume of requests to our server.
When we reviewed the Security Events log in Cloudflare, we couldn’t find any activity associated with their requests. On the Analytics dashboard, the response status codes for the requests are 200. Our server logs also show that the response times for these requests are consistently under 40 ms, indicating no delays on the server side.
We’re seeking clarification on the following:
Does Cloudflare have blocking mechanisms that may not appear in the Security Events logs?
Could the high traffic volume trigger any rate-limiting or blocking mechanisms, even if not logged?
How can we access relevant logs or diagnostics to analyze this further?
What steps can we take to ensure these callback requests are not blocked or timed out in the future?
Any advice or insights would be greatly appreciated. Thank you!
If the domain name is activly using Cloudflare, may I ask if the hostname (DNS record) is proxied ?
Only Cloudflare IPs are allowed to connect to the origin host/server or anyone else as well to the HTTP(S) port?
Access and error log files, or some other? Where you gather those kind of type of data?
No, except if you specifically allow IP address/subnet/country in the IP Access Rules, then you don’t see it neither and it goes straight to the origin server - there’s where you’d see the traffic in your log files.
If proxied, you’d see that on the Dashboard.
If unproxied, you cannot see it neither in the Analytics on the Dashboard.
Particularly what’s your concern here? That Cloudflare is passing “bad traffic” and you don’t see it? I’d say Enterprise plan, but I am afraid you’r not using it and not sure what extra data you’d be able to gather in such circumstances.
Weird to timeout after 10s, furthermore add the 3rd-party IPs to the IP Access Rules in such case to prevent any Security option being triggered by Cloudflare for your zone.
If the requests are coming from your origin, allowlist it in IP Access Rules.
Track & trace requests before they appear using Trace Tool on the Dashboard to see what happens.
Are you using Rate Limiting Rules?, tune up them a bit if they catch legitimate web traffic.
By default, timeout is 100s, if the requests on the origin host requires more than this, it’ll continue to execute still despite the end-visitor would experience 524 timeout error in Web browser (if the server has the abillity to execute longer, e.g. 300 or 600 seconds to finish, hopefully). In case if needed, the timeout increases are only available to Enterprise plans.
? 