Preview Mode
Documentation
NEW

Introducing Advanced Rate Limiting: Unmetered, flexible, and tightly integrated with the Cloudflare WAF. Read More

Advanced Rate Limiting

Granular controls to block abuse
Dns unmetered ddos spot illustration

Advanced rate limiting protects against denial-of-service attacks, brute-force login attempts, API traffic surges and other types of abuse targeting APIs and applications.

Advanced Rate Limiting is integrated with our Web Application Firewall (WAF) and is part of Cloudflare’s application security portfolio.

Dns unmetered ddos spot illustration
Security shield ddos protection blue
Layer 7 DDoS Mitigation

Contain high precision distributed denial-of-service attacks with granular configuration options.

icon-api-mint.png
API Protection

Count traffic on specific API attributes like tokens, API keys or cookies for API usage limits that ensure availability and stop abuse.

Search blue
Brute Force Protection

Protect sensitive customer information against brute force login attacks.

icon-cost-mint.png
Transparent and Cost-Effective

Enterprise customers get unmetered advanced rate limiting. Avoid unpredictable costs associated with traffic spikes and enumeration attacks.

"Rate Limiting ensures I can keep running my service reliably, cost effectively and ethically."

TROY HUNT

Founder at HaveIBeenPwned.com

haveibeenpwned

Updated RL Rule

Configure Thresholds

Protect your website URLs or API endpoints from suspicious requests that exceed defined thresholds. Granular configuration options include status codes, specific URLs, request limits, requests methods, and more.

Define Responses

Website and API visitors hitting defined request thresholds can trigger custom responses, such as mitigating actions (challenges or CAPTCHAS), response codes (Error 401 - Unauthorized), timeouts, and blocking.

Updated RL Rule

Analytical Insight

Gain deep insights into traffic patterns to help scale and protect your resources. See how much malicious traffic is blocked by rule, how many requests make it to your origin, and more.

Gartner® named Cloudflare a “Leader” in Web Application and API Protection

Cloudflare is a Leader in the Gartner Magic Quadrant™ for WAAP

Cloudflare has been recognized as a Leader in the 2022 "Gartner Magic Quadrant for WAAP" report. We believe this recognition validates that we protect against emerging threats faster, offer tighter integration of security capabilities, and deliver powerful ease of use and deployment.

Read report
Cloudflare is a Leader in the Gartner Magic Quadrant™ for WAAP

Trusted by millions of Internet properties

View case studies
Logo mars trusted by gray
Logo loreal trusted by gray
Logo doordash trusted by gray
Logo garmin trusted by gray
Logo ibm trusted by gray
Logo 23andme trusted by gray
Logo shopify trusted by gray
Logo lending tree trusted by gray
Logo labcorp trusted by gray
Logo ncr trusted by gray
Logo thomson reuters trusted by gray
Logo zendesk trusted by gray

Sales

Getting Started

Community

Developers

Support

Company

© 2023 Cloudflare, Inc.Privacy PolicyTerms of UseReport Security IssuesTrademark