Idea Details

Rate Limit: Prorated Throttle and Transaction level Logs

Last activity 14 days ago
Durga Sainath Munjeti's profile image
05-04-2020 10:52 AM

In recent days, we started working to explore rate limit functionality and configuration to protect services from BOT/DDOD attacks and learned from Support these are some limitations to implement the solution;

  • The current ratelimit is not capable of prorated request throttling - Its a good to have feature to limit transactions based on some specific inputs within X time (~10 mins/25 mins) based request count(allow only ~1000 requests in ~600ms for input header value XX )
  • The current ratelimit not capturing failure/throttled reasons at transaction/policy Level - In current releases, the logs only pushing to SSG logs and we are looking to read rate limit throttle issue at policy level to capture at transaction level