Introducing Advanced Rate Limiting: Unmetered, flexible, and tightly integrated with the Cloudflare WAF. Read More
Cloudflare Advanced Rate Limiting
Granular controls to block abuse
Advanced rate limiting protects against denial-of-service attacks, brute-force login attempts, API traffic surges and other types of abuse targeting APIs and applications.
Advanced Rate Limiting is integrated with our Web Application Firewall (WAF) and is part of Cloudflare’s application security portfolio.
Enterprise customers get unmetered Advanced Rate Limiting.
Layer 7 DDoS Mitigation
Contain high precision distributed denial-of-service attacks with granular configuration options.
API Protection
Count traffic on specific API attributes like tokens, API keys or cookies for API usage limits that ensure availability and stop abuse.
Brute Force Protection
Protect sensitive customer information against brute force login attacks.
Transparent and Cost-Effective
Enterprise customers get unmetered advanced rate limiting. Avoid unpredictable costs associated with traffic spikes and enumeration attacks.
"Rate Limiting ensures I can keep running my service reliably, cost effectively and ethically."
TROY HUNT
Founder at HaveIBeenPwned.com
Configure Thresholds
Protect your website URLs or API endpoints from suspicious requests that exceed defined thresholds. Granular configuration options include status codes, specific URLs, request limits, requests methods, and more.
Define Responses
Website and API visitors hitting defined request thresholds can trigger custom responses, such as mitigating actions (challenges or CAPTCHAS), response codes (Error 401 - Unauthorized), timeouts, and blocking.
Analytical Insight
Gain deep insights into traffic patterns to help scale and protect your resources. See how much malicious traffic is blocked by rule, how many requests make it to your origin, and more.
Trusted by millions of Internet properties
Sales
- Enterprise Sales
- Become a Partner
- Contact Sales:
- +1 (650) 319 8930