Troubleshoot Rate Limiting (previous version)
A few common rate limiting configuration issues prevent proper request matches:
- Including HTTP or HTTPS protocol schemes in rule patterns (such as
https://example.com/*). To restrict rules to match only HTTP or HTTPS traffic, use the schemes array in the request match. For example,
"schemes": [ "HTTPS" ].
- Forgetting a trailing slash character (
/). Cloudflare Rate Limiting only treats requests for the homepage (such as
example.com/) as equivalent, but not any other path (such as
example.com/path). To match request paths both with and without the trailing slash, use a wildcard match (for example,
- Including a query string or anchor (such as
example.com/path#section1). A rule like
example.com/pathwill match requests for
- Overriding a rate limit with .
- Including a port number (such as
example.com:8443/api/). Rate Limiting does not consider port numbers within rules. Remove the port number from the URL so that the rate limit rule triggers as expected.
Common API errors
Decoding is not yet implemented– Indicates that your request is missing the
Content-Type: application/jsonheader. Add the header to your API request to fix the issue.
Ratelimit.api.not_entitled– Enterprise customers must contact their account team before adding rules.