Rate limiting (Is 30 requests per minute good?)

Hi, everyone. Is this rate-limiting rule good? Someone created it for me.

Well, might cost you a lot due to …

Ok, nevermind above, but 30 requests is I am afraid to little to load some websites + resources like images, css, js, etc. from the same domain name.

Nevertheless, if the visitor navigates to some other sub-page or clicks on the link within the same domain name or hits the “refresh page” button, I am afraid the visitor would be blocked immediately with that kind of a Rate Limiting rule setup.

Therefore, if the visitor decides to open some other link on your domain, again he will see the “challenge” page.

Furthermore, we have got the Firewall Rule to achieve this for particular URL or requests based on some criteria and show the challenge/captcha page + we can shorten the Challenge Passage option, if so.

If your website doesn’t load resources from your own domain name, rather from external resoure, you might be okay, but it might depend on the web app.

You can test it yourself.


Thanks, how many requests per minute do you suggest?

Each site is different! You should try to configure certain numbers (and increase it until you can reload it or open a sub-page a considerable amount of times without being rate limited)!

As @fritex said


This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.