WAF Rate limiting rules don't seem to work

Hello, I’m trying to set up a rate limiting rule which blocks an ip upon receiving an exsessive number of requests from given ip. My rate limiting rule looks as follows:

Is this correctly set up or am I missing something? It doesn’t seem to be working, I did more than 10 refreshes (cleared cache on every request) in 10 sec and it’s not blocking as far as I can tell.


I don’t think you can use wildcards. If you want to rate limit everything, use Path Starts With /

Be aware that if it’s a website, a single page may have more than ten URLs to load, and that will trigger Rate Limiting.

1 Like

Thanks, that solved it!

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.