Ratelimiting rules order

Hi folks,

I’m trying to configure rate limiting rules for our system. I want to limit traffic to our api endpoints to 100 per 10 secs, and everything else to 60 per min. So I set up the rules as follows:

Rule 1: example.com/api/* < Limited to 100 per 10s
Rule 2: example.com/* < Limited to 60 per min

I assumed this would use the same logic as the Page Rules, but it seems that users accessing the API still get limited by Rule 2.

How can I set up rules that give me the logic that I want?

Thanks