Rate Limiting Rules - what order?

frzikra55 · June 5, 2025, 4:52pm

What is the name of the domain?

What is the error number?

order of how security rules are applied.

What is the issue you’re encountering

Rate Limiting Rule

What steps have you taken to resolve the issue?

I have recently taken action based on some bot traffic that’s being challenged based on a 80/60 rate limiting rule. I created a custom rule challenge based on the originating ASN. Does CF have a sequence for evaluating traffic - rate limiting a priority over custom rules?

Was the site working with SSL prior to adding it to Cloudflare?

Yes

What is the current SSL/TLS setting?

Full

fritex · June 5, 2025, 5:44pm

May I ask if you’re asking if Custom rules fire before Rate Limiting Rules (or vice-versa)?

Yes there is a Traffic Sequence:

You can test with Trace Tool just in case:

system · June 20, 2025, 5:45pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Rate Limiting Rules SSL / TLS	2	2303	January 14, 2020
WAF Custom rule VS Super Bot Fight Mode Web Application Firewall	3	86	September 24, 2024
Rate limiting after SKIP rule in custom rules WAF Rules	4	1390	August 22, 2023
Rate Limiting and custom Rules are not working as expected Rules	2	874	September 4, 2023
WAF rule execution order Rules	1	502	April 12, 2024