Rate Limiting Configuration for Diverse User IPs


I implemented a rate limiting rule designed to block any IP address that makes more than 100 requests within a 1-minute period. However, I’ve faced an unforeseen challenge with this setup.

It appears that many distinct users of my service are being inadvertently blocked by this rule. Upon investigation, I realized that these users are coming through ISPs using Carrier-grade NAT.

This has resulted in a situation where legitimate users, who individually make fewer requests than my set limit, are being restricted because they share an IP address with others.

I am seeking your advice or recommendations on how best to handle this situation.

Thank you.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.