Reblaze Part of Link11
v2.18
v5v2.20.4v2.20.2v2.20v2.18v2.16v2.14v2.12v2 Release NotesMobile SDK v2.3.0Mobile SDK v2.2.x
v2.18
v5v2.20.4v2.20.2v2.20v2.18v2.16v2.14v2.12v2 Release NotesMobile SDK v2.3.0Mobile SDK v2.2.x
  • Reblaze Portal
  • Introduction to Reblaze
  • Getting Started
  • Reblaze Setup Checklists
  • Marketplace Onboarding
    • AWS
      • Deploy Reblaze
      • Configure the Reblaze Platform
      • Set Up a Load Balancer for Traffic Routing
      • AWS Version Upgrade
    • GCP
      • Deploy Reblaze
      • Configure the Reblaze Platform
      • Set Up GCP Health Checks
      • Set Up GCP Load Balancer
      • GCP BYOL Upgrade
  • Console UI Walkthrough
    • General UI flow
    • Traffic
      • Traffic Concepts
      • Dashboard
      • View Log
    • Security
      • Security Section Concepts
      • Dynamic Rules
      • Quarantined
      • Profiles
        • Profile Concepts
        • Profiles
        • ACL Policies
        • WAF/IPS Policies
        • Custom Signature
      • Args Analysis
      • Tag Rules
      • Rate Limiting
      • Cloud Functions
    • Settings
      • Web Proxy
      • Backend Services
      • Error Pages
      • SSL
      • DNS
      • CDN
      • Planet Overview
      • Global
      • Account
  • Using the product
    • Best Practices
      • Saving and Publishing Your Changes
      • Enabling Passive Challenges
      • Using the Reblaze Query Box
      • Understanding and Diagnosing Traffic Issues
    • How Do I...
      • Ban, Unban, and Whitelist Traffic Sources
      • Bypass Rate Limits for Loadtesting
      • Control Caching Behavior
      • Filter by Content
      • Quickly Block an Attacker
      • Secure Traffic from a Third-Party Page
      • Set Rate Limits and Exemptions
      • Set up SIEM/SOC integration
      • Video Tutorials
        • DNS Training
    • Reblaze API
      • Reblaze REST API
      • Mobile SDK
  • Reference Information
    • Access log-structure
    • Acronyms
    • Deployment Terminology
    • Hostile Bot Detection / RCSI
      • Environmental detection and browser verification
      • Client authentication
      • Biometric behavioral verification
    • HTTP Response Codes
    • Pattern Matching Syntax
    • Reblaze Signatures
    • Tags
    • TTL Expression Syntax
  • Support
Powered by GitBook
On this page

Was this helpful?

Export as PDF
  1. Using the product
  2. How Do I...

Set Rate Limits and Exemptions

Restricting consumption of resources and rate of requests

PreviousSecure Traffic from a Third-Party PageNextSet up SIEM/SOC integration

Last updated 3 years ago

Was this helpful?

Different types of rate limits are defined in different parts of the Reblaze interface.

Static rate limits for each application: Timeouts and request limits per IP are set for each application on the .

By location: Rate limits for specific locations/URLs can be created in and then including them in .

By traffic source: Requestors who are submitting excessive requests across the planet can be banned for configured lengths of time. This can be done via .

In some situations, either or Dynamic Rules could be used. Rate Limiting Rules are the preferable option. They are more powerful, more flexible, and in a future release, they will fully replace Dynamic Rules.

Creating Rate Limiting Exemptions

Creating exemptions from rate limits is done differently, depending on the scope of the rate limits being addressed.

Global: Create an .

By location: Create an with the name "Rate Limit Whitelist". This can exempt any combination of IP, Country, and ASN. The Policy should then be included in a , and the Profile should be to the appropriate location(s) or portions of your site/application. Example:

By traffic source: A traffic source can be exempted from Dynamic Rule filtering either by , or by adding the traffic source to the .

Rate Limiting Rules
Dynamic Rules
Rate Limiting Rules
ACL Policy
Profile
An ACL with this name will exempt the traffic sources from rate limiting for the specific location
adding an Ignore parameter to the Rule itself
ACL Policy with an OC suffix
Whitelist within the Quarantine section
Advanced Frontend Settings on the Web Proxy page
Security Profiles
assigned