Single Status Update
-
Mic has been banned again, taking bets on 3rd ban
-
@Yuanrang The scenario you describe - clicking a button too quickly - is the first item I linked to, "Rate Limiting".
I am a software engineer and we use Amazon Web Services for our load balancing, so I can only give you 90% of the solution. If you look at what "Rate Limiting Rules" are, they handle users pressing buttons too quickly.
Here is an example:
Rate limiting rule #1
If incoming requests match: http.request.uri.path eq "*"
Choose action: Block
Duration (mitigation timeout): 10 minutes
Requests: 1
Period: 10 seconds+
With the same value of (characteristics):
- Data center ID (included by default when creating the rule in the dashboard)
- IP
- Headers > User-agent
If you read the above example, and look into the Rate Limiting Rules set in the Cloudflare configuration, I imagine you will find the root cause of the issue. I am guessing the ACTION is set to a CHALLENGE or MANAGED_CHALLENGE when it should just be BLOCK.
Sal was correct in configuring the Rate Limiting Rule as it does handle the scenario you describe, I think the ACTION is the only issue. If there are scenarios of bots or otherwise bad actors that he needs to ban, that would be with a separate, more complex Rate Limiting Rule.
References
- “Rate Limiting Parameters · Cloudflare Web Application Firewall (WAF) Docs.” Developers.cloudflare.com, 29 June 2023, developers.cloudflare.com/waf/rate-limiting-rules/parameters/. Accessed 7 July 2023.
- “Determining the Rate · Cloudflare Web Application Firewall (WAF) Docs.” Developers.cloudflare.com, 22 May 2023, developers.cloudflare.com/waf/rate-limiting-rules/request-rate/#example-a. Accessed 7 July 2023.
- “Cloudflare Challenges · Cloudflare Fundamentals Docs.” Developers.cloudflare.com, 30 June 2023, developers.cloudflare.com/fundamentals/get-started/concepts/cloudflare-challenges/#managed-challenge-recommended. Accessed 7 July 2023.
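The rule quoted in the comment above, modelled as a small simulator. This is an added example, not code from the post or from Cloudflare: it is a simplified model that assumes the request which exceeds the threshold is itself mitigated, and the class name, data center code, IP addresses and user agents are constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class RateLimitRule:
    """Simplified model of the quoted rule (hypothetical class, not a Cloudflare API)."""
    requests: int = 1        # "Requests: 1"
    period: int = 10         # "Period: 10 seconds"
    timeout: int = 600       # "Duration (mitigation timeout): 10 minutes"
    action: str = "block"    # or "managed_challenge"
    hits: dict = field(default_factory=dict)       # key -> request times inside the period
    mitigated: dict = field(default_factory=dict)  # key -> time the mitigation ends

    def handle(self, t, colo, ip, user_agent):
        # Counters are kept per combination of the rule's three characteristics.
        key = (colo, ip, user_agent)
        if t < self.mitigated.get(key, 0):
            return self.action                     # still inside the mitigation timeout
        recent = [x for x in self.hits.get(key, []) if t - x < self.period]
        recent.append(t)
        self.hits[key] = recent
        if len(recent) > self.requests:            # rate exceeded: start mitigation
            self.mitigated[key] = t + self.timeout
            return self.action
        return "allow"

def replay(rule, events):
    """Feed (time, colo, ip, user_agent) tuples through the rule, in order."""
    return [rule.handle(*e) for e in events]

# Constructed traffic: one user double-clicks, a second browser shares the same IP.
SAMPLE = [
    (0,   "LHR", "203.0.113.7", "Firefox"),  # first click
    (2,   "LHR", "203.0.113.7", "Firefox"),  # second click 2 s later: over the limit
    (3,   "LHR", "203.0.113.7", "Chrome"),   # same IP, different User-Agent: own counter
    (300, "LHR", "203.0.113.7", "Firefox"),  # 5 minutes on: still mitigated
    (700, "LHR", "203.0.113.7", "Firefox"),  # after the 10-minute timeout: allowed again
]

if __name__ == "__main__":
    for action in ("block", "managed_challenge"):
        print(action, replay(RateLimitRule(action=action), SAMPLE))
```

In this model the action changes only what the over-limit client receives; which requests count as over the limit is decided by the requests, period and characteristics settings.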
-
@Zooey I actually must have missed your entire first comment, and even Adam?'s first comment. I cannot recall seeing or reading those two at all. Sorry!
For the record, I assume your assessment is (mostly) right and I would have incorporated a fix if I could, but as far as I know, only Sal has that kind of access, so I am powerless to go in and fix things, even if I knew how to fix it. I am unsure if LIlshu has that kind of access, but I suspect he might not either.