it135
November 19, 2024, 8:34am
1
What is the name of the domain?
lindy.com.au
What is the issue you’re encountering
Rate limiting WAF rule not working
What steps have you taken to resolve the issue?
Hi Team,
We have created below rate limiting WAF rule but its not working as we are still receiving hits from facebookexternalhit.
Rule should get activated When rate exceeds 10 requests per 10 seconds but its not.
Rule:
(http.request.full_uri eq “Redirecting... ”) or (http.request.uri.path contains “facebookexternalhit”) or (http.request.uri.path contains “externalhit_uatext.php”)
sjr
November 19, 2024, 10:22am
2
If you are not using an Enterprise plan, if there are many IP addresses connecting with those parameters, the rate limit will only be applied per IP address, not the number of hits of the rule parameters.
it135
November 19, 2024, 10:37am
3
Thank you for the update, we are using paid Pro plan.
If its related to IP address then it will be a catch as hits come from random IPs togehether.
Any other possibility ?
Regards,
Mehul
sjr
November 19, 2024, 10:51am
4
You can use a Worker. The example here rate limits by IP address, but you can customise that to whatever parameters you want…
it135
November 29, 2024, 2:16am
5
Thank you for the update, will check.
system
Closed
December 4, 2024, 8:35am
6
This topic was automatically closed after 15 days. New replies are no longer allowed.