Rate Limiting
As an API gateway, pCDN acts as the central host to all incoming and outgoing traffic from client requests. However, this traffic may also contain unwanted requests generated by web crawlers from malicious cyberware, as seen in a DDoS attack, which causes service downtime.
pCDN uses the limit-count plugin to limit the number of API requests sent to the upstream addresses within a given time.
Prerequisites
Ensure to have your login details and a route configured to proceed.
Setting a rate-limit
You can set a rate-limit in two ways:
- Route configuration: When configuring your route, you can enable the
limit-countplugin in the third step. - Enabling the plugin from the dashboard and add to your route configuration.
- Navigate to Plugins from your Stargate dashboard
- Click Traffic control and click Enable from the limit-count card
This opens the Plugin editor.
- You can toggle to enable/disable the limit-count plugin
- Enter the required fields like the count and time_window to configure the rate limits.
Alternatively, you can configure the
limit-countplugin in JSON or YAML format.
- Click Submit
Test rate limiting
We set our limit-count to 4requests per 30seconds. This configuration limits the incoming requests to a maximum of 4 requests within 30 seconds.To test this:
- Generate 10 simultaneous requests.
Of the 10 requests, only 4 return a successful 200 status code while the other 6 returns the errors status code(503)