Rate Limiting

Rate limiting restricts requests that exceed the defined access frequency to the website.

Configuration:

Rule Name and Description

Configure rule identification and purpose.

Triggering Condition:

Path: Define the request path to be monitored
Key: Select one or more identifiers to track access frequency, including IP, fingerprint, and cookie ID
Rate Measurement: Choose the method to calculate the request rate:
- Queries per second
- Queries per time window
Device Type: Specify the type of client device to which the rule applies

Dynamic Action:

A protection strategy that makes response behaviour unpredictable to bypass repetitive attacks. When the triggering condition is met, the system applies a protection action based on the triggering probability. An action is randomly selected from the configured action set.

Parameters:

Triggering Probability: Set the likelihood of triggering an action
Action Set: Include one or more actions: block, redirect, bypass, return HTML, or skip
Delay: Set the delay (in seconds) before executing the action
Response: Configure the response behaviour - return a specific status code, redirect path or HTML file

Auto Web ACL:

Key: Define the identifier to apply access control (IP or fingerprint)
Duration: Set the period during which the key remains blocked

Target Site:

Select the website to apply the rule.

Configuration:​

Rule Name and Description​

Triggering Condition:​

Dynamic Action:​

Parameters:​

Auto Web ACL:​

Target Site:​