ratelimit.check_rate
Available inall subroutines.
Increment an entry in a rate counter and check if the client has exceeded some average number of requests per second (RPS).
The lowest rate limit supported by this feature to demonstrate effective behavior is 100 RPS. Using a limit below 100 RPS may result in unpredictable accuracy and detection time.
Parameters
entry - The entry to keep track of. Typically client.ip and any associated
metadata. An entry can be, at maximum, 256 bytes long.
rc - The ratecounter that tracks requests. When a user makes a request, a
ratecounter tracks that users average rate of requests over time.
delta - The integer value to increment the entry in the rate counter by.
Typically, a value of 1 is used. The value must be between 0 and 100000.
window - The last N seconds of data over which to compute the requests-per-second.
Must be 1, 10, or 60.
limit - The RPS limit. If the user goes above this limit during the given
window, then they are penalized and their entry is put into the penalty box
pb. Must be between 10 and 70000000.
pb - The penalty box. Keeps track of penalized users. If a user is penalized,
their entry is put into this penalty box.
ttl - The penalty box TTL. Specifies how long a user remains penalized. Must
be between 1m and 1h, and has minute granularity (rounded to the nearest
minute).
Return value
Upon completion, this function returns true if the user is penalized (i.e.,
should be rate limited) or false if not.
In the event an error occurs, the default return value is false; therefore,
errors (via fastly.error) must be handled specifically.
Errors
If the given entry is longer than 256 bytes, then false is returned and
fastly.error is set to EINVAL.
Example
The following example will:
check if the user has exceeded 100 requests per second during the last 10 seconds and, if so, penalize them for 10 minutes.
penaltybox pbox { }ratecounter rc { }
sub vcl_recv { if (ratelimit.check_rate(client.ip, rc, 1, 10, 100, pbox, 10m)) { error 429 "Too many requests"; }}