I try to configure the rate limiting to protect my login page but I should do it wrong as I’m never blocked.
It’s supposed to be blocking a URL like : https://demo.mywebsite.com/site/login
I checked the DNS zone and the “demo” A type seems to be properly configured (there is no CName configure, I don’t if it should)
I configured 2 rules : 1 is the standard “Protect my Login” form, the other was limiting 10 request within 1 minute. None of them ever blocked me.
Any ideas ?
I just tried to log into your https://demo.mywebsite.com/site/login equivalent and after the 10th failed login attempt I was given the error below:
Right now, your rules apply to a specific URL, do they need to apply to a path?
Thanks cscharff, yes it’s was working after a while, I guess it was DNS propagation or something
Now I have an additionnal questions: how can I configure protection for more sub-domains ? Is there a way to have more than 3 Rate limiting rules ?
Sorry, I just noticed you already replied to this new question actually
I discovered you can use wildcard in your path, so I tried *.mydomain.com/site/login and it’s working now on all my subdomain. Great
This topic was automatically closed after 14 days. New replies are no longer allowed.