Rate Limit Response
The Rate Limit Response phase adds the current request to rate limit zones based on characteristics of the response. No limit is enforced in this phase: the zone is checked when a subsequent request reaches the Rate Limit Request phase, where rate_limit.check_zone runs.
Actions
rate_limit.add_zone
: Adds a request to a rate limit zone based on response characteristics. This action does not perform any rate limiting checks.
Example
The filter matches responses with a 404 status code:
http.response.code == 404
The configuration adds the request to the "not_found_requests" zone, using the client's IP as the key:
rate_limit.add_zone:
  zone: "not_found_requests"
  key:
    - type: "ip"
This configuration enables rate limiting of clients that frequently request non-existent resources.
Flow between Rate Limit Response and Rate Limit Request
graph TD
A[Response Generated] --> B[rate_limit.add_zone in Response Phase]
B --> C[Next Request]
C --> D[rate_limit.check_zone in Request Phase]
D -->|Within limit| E[Continue Processing]
D -->|Limit exceeded| F[Apply Action]
F --> G[Block/Challenge/Log]
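A small Python model of the flow above, added here as an illustration; it is not the product's implementation. The limit of 3 hits per 60 seconds, the sliding-window counting, the `Zone` and `replay` names, and the sample traffic are all assumptions, since the page does not specify thresholds or how zones are counted.

```python
from collections import defaultdict, deque

class Zone:
    """Sliding-window hit counter for one zone (a model, not the product's code)."""
    def __init__(self, limit, window_s):       # both values are assumed
        self.limit, self.window_s = limit, window_s
        self.hits = defaultdict(deque)         # key -> timestamps of counted hits

    def add(self, key, now):
        """Response phase: record the hit only, no limit check here."""
        self.hits[key].append(now)

    def exceeded(self, key, now):
        """Request phase: expire old hits, then compare against the limit."""
        q = self.hits.get(key)
        while q and now - q[0] >= self.window_s:
            q.popleft()
        if not q:
            self.hits.pop(key, None)           # drop idle keys so memory stays bounded
            return False
        return len(q) > self.limit

def replay(events, existing_paths, limit=3, window_s=60):
    """Run (time, ip, path) events through both phases; return one outcome each."""
    zone, outcomes = Zone(limit, window_s), []
    for now, ip, path in events:
        if zone.exceeded(ip, now):             # check happens in the request phase
            outcomes.append("block")           # stands in for Block/Challenge/Log
            continue
        status = 200 if path in existing_paths else 404
        if status == 404:                      # filter: http.response.code == 404
            zone.add(ip, now)                  # zone "not_found_requests", key type "ip"
        outcomes.append(status)
    return outcomes

# Constructed sample traffic: documentation-range IPs and made-up paths.
EXISTING = {"/", "/about"}
EVENTS = [
    (0, "203.0.113.7", "/missing-1"), (1, "203.0.113.7", "/missing-2"),
    (2, "203.0.113.7", "/missing-3"), (3, "203.0.113.7", "/missing-4"),
    (4, "203.0.113.7", "/missing-5"),          # four 404s already counted
    (5, "198.51.100.20", "/"), (6, "198.51.100.20", "/typo"),
    (7, "198.51.100.20", "/"),                 # a single 404 stays under the limit
    (8, "203.0.113.7", "/"),                   # blocked even for a valid path
    (70, "203.0.113.7", "/"),                  # window has expired
]

if __name__ == "__main__":
    for event, outcome in zip(EVENTS, replay(EVENTS, EXISTING)):
        print(event, "->", outcome)
```

The client that only hits one missing page is never affected, while the client generating repeated 404s is stopped at the request phase before any further response is produced.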
Fields
The Rate Limit Response phase provides access to the following fields:
- Request fields: Request information such as host header, method, and source IP.
- GeoIP fields: Geolocation information such as AS number and country code.
- User agent fields: Client user agent information.
- Bot fields: Information about bot clients.
- Fingerprint ML fields: Results of machine learning based fingerprinting.
Use Cases
- Implement rate limiting for clients that frequently encounter errors.
- Apply different rate limits based on response content type.
- Set rate limits for high-bandwidth responses to ensure fair usage.
- Use response headers to determine rate limiting zones.
Importance of Separate Rate Limiting Phases
The separation of rate limiting into Request, Request Late, and Response phases provides several benefits:
- Response-based rate limiting: The Rate Limit Response phase allows for rate limiting based on characteristics of the response, which is not possible in earlier phases.
- Adaptive rate limiting: By considering both request and response characteristics, more sophisticated rate limiting strategies can be implemented.
- Performance optimisation: Adding rate limit zones in the response phase allows for more efficient processing, as rate limits are only applied when necessary based on the response.
This multi-phase approach enables the implementation of complex rate limiting strategies that consider the full request-response cycle.