Rate Limiter
Rate limiters add configurable origin request rate limiting to a service. This information is part of a limited availability release. For more information, see our product and feature lifecycle descriptions. To use this feature you must purchase a Professional or Premier Platform subscription for either Signal Sciences Cloud WAF or Signal Sciences Next-Gen WAF and have a paid account with a contract for full-site delivery.
Data model
action | string | The action to take when a rate limiter violation is detected. | |
client_key | array | Array of VCL variables used to generate a counter key to identify a client. Example variables include req.http.Fastly-Client-IP, req.http.User-Agent, or a custom header like req.http.API-Key. | |
feature_revision | integer | Revision number of the rate limiting feature implementation. Defaults to the most recent revision. | |
http_methods | array | Array of HTTP methods to apply rate limiting to. | |
logger_type | string | Name of the type of logging endpoint to be used when action is log_only. The logging endpoint type is used to determine the appropriate log format to use when emitting log entries. | |
name | string | A human readable name for the rate limiting rule. | |
penalty_box_duration | integer | Length of time in minutes that the rate limiter is in effect after the initial violation is detected. | |
response | object | Custom response to be sent when the rate limit is exceeded. Required if action is response. | |
response_object_name | string | Name of existing response object. Required if action is response_object. Note that the rate limiter response is only updated to reflect the response object content when saving the rate limiter configuration. | |
rps_limit | integer | Upper limit of requests per second allowed by the rate limiter. | |
uri_dictionary_name | string | The name of an Edge Dictionary containing URIs as keys. If not defined or null, all origin URIs will be rate limited. | |
window_size | integer | Number of seconds during which the RPS limit must be exceeded in order to trigger a violation. | |
created_at | string | Date and time in ISO 8601 format. Read-only. | |
deleted_at | string | Date and time in ISO 8601 format. Read-only. | |
id | string | Alphanumeric string identifying the rate limiter. | |
service_id | string | Alphanumeric string identifying the service. Read-only. | |
updated_at | string | Date and time in ISO 8601 format. Read-only. | |
version | integer | Integer identifying a service version. Read-only. |
User contributed notes
BETADo you see an error in this page? Do have an interesting use case, example or edge case people should know about? Share your knowledge and help people who are reading this page! (Comments are moderated; for support, please contact support@fastly.com)