What's the maximum number of IPs a rate limiting rule can simultaneously block?

Let’s say I setup a Rate limiting rule that will block requests to my website based off the number of requests in a 1-minute window. During a big surge of traffic, what’s the maximum number of IPs that Cloudflare will block for me at the same time? Is it ~unlimited or all 3 billion IPv4 addresses, potentially?

I’ve read the docs end-to-end and searched the community center but can’t find the answer.

Rate limiting is per unique IP address making the request. So when a user exceeds the rate limiting, further requests from that iP are blocked. All other requests from other IPs are being tracked for those IPs, if they don’t exceed the limits they are allowed.

Got it. So if say 500,000 different IPs all breach my threshold, then Cloudflare will block all 500k simultaneously? Or is there some limit and it won’t block all 500k?

There’s no limit I’m aware of.

Why do you ask? Is rate limiting not working for you? Also, if you have 500k IP addresses smashing your site, you’ve got worse problems than rate limiting. Better off treating it as a DDoS attack.

I want to use a rate limit rule to prevent scraping. Want to see if that’s a feasible solution for scrapers that have access to tens of thousands of IPs.