whatbeatsrock.com
I am creating a custom rule for 2000 requests/10secs on startsWith: whatbeatsrock.com/api/vs should be blocked. However, it is affecting me on ONE request.
Yes
Full
I turn on my rate limit rule and then go to my site and do an action that triggers the endpoint, and I immediately get blocked.
sjr
July 24, 2024, 6:34pm
2
If that’s using the field URL Full you’ll need to include https:// if using starts with. Look at the example under the box.
Otherwise, can you show a screenshot of the rule?
basedappsandgames:
What is the current SSL/TLS setting?
Full
Use “Full (strict)” so Cloudflare validates your origin server certificate to ensure your connection is fully secured.
yes i do have the https:// sorry i didn’t put it in my original details. will turn on Strict mode.
sjr
July 24, 2024, 6:42pm
4
Check your security event log to see if this is the rule that’s actually blocking you, and if not, why…https://dash.cloudflare.com/?to=/:account/:zone/security/events
yes that is the one blocking me. there are no other rules blocking at that time.
Hi @basedappsandgames
or add www when your
analytics section shows it as a
www.whatbeatsrock.com
Your rule says it would return a 429. When I request that URL with curl, I get a 403. With a browser, I get a 405.
seems to have solved itself somehow just by waiting
2 Likes
Erisa
July 29, 2024, 9:24am
9
system
July 31, 2024, 9:24am
10
This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.
