Can we have Rate Limiting on response code

Hi All, 

We have a scenario where our server is responding with 413 to a request. We want to restrict the IPs that are calling us multiple times when every time we are responding with 413.

Is there any way we can rate-limit using response codes? 

Thanks in Advance.


The 413 status code is Payload Too Large. By this status code, the server is telling the client that the server is refusing to process a request because the request payload is larger than the server is willing or able to process.

I am not clear on which thing is responding with 413.  I believe in your case it is the upstream server.  And I understand that you would like to rate limit clients (by IP address?) that receive 413 responses. 

If my understanding is correct, the way I would do this is... 

  • enforce a quota for every request. Use the client IP as part of the identifier. Set the quota limit to 2 / hour.  Something like that. Use a MessageWeight of 1 (the default).
  • On the response flow, enforce an additional quota, conditionally. Check the response status code, and if it is NOT a 413, then use an additional quota policy with MessageWeight of -1.

Effectively if the response code is not 413, then there is no rate limit.  If the response code is 413, then the client gets 2 calls per hour. 

I have one doubt - it is possible that it is not possible to use a negative MessageWeight in a Quota policy. In that case you can use the ResetQuota policy to accommodate.
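The counting scheme from the reply above, modelled in Python as an added example (not part of the original post and not Apigee policy code). The class and function names, the `"blocked"` marker, and the sample traffic are assumptions made for illustration.

```python
import time
from collections import defaultdict


class Status413Quota:
    """Charge 1 per request; give it back on any response that is not a 413."""

    def __init__(self, limit=2, window=3600, clock=time.time):
        self.limit, self.window, self.clock = limit, window, clock
        self.counters = defaultdict(lambda: [0.0, 0])  # ip -> [window_start, count]

    def _counter(self, ip):
        c = self.counters[ip]
        now = self.clock()
        if now - c[0] >= self.window:  # window expired: start a fresh one
            c[0], c[1] = now, 0
        return c

    def on_request(self, ip):
        """Request flow (weight +1). False means the caller is over quota."""
        c = self._counter(ip)
        if c[1] >= self.limit:
            return False
        c[1] += 1
        return True

    def on_response(self, ip, status):
        """Response flow: refund the charge unless the upstream sent 413."""
        c = self._counter(ip)
        if status != 413 and c[1] > 0:
            c[1] -= 1


def replay(events, quota):
    """Handle (ip, upstream_status) pairs one at a time; return what each caller sees."""
    seen = []
    for ip, status in events:
        if quota.on_request(ip):
            quota.on_response(ip, status)
            seen.append(status)
        else:
            seen.append("blocked")  # placeholder for the quota rejection
    return seen


# Constructed sample traffic (documentation-range addresses).
SAMPLE = ([("203.0.113.5", 200)] * 5 + [("203.0.113.5", 413)] * 3
          + [("203.0.113.5", 200), ("198.51.100.7", 200)])

if __name__ == "__main__":
    print(replay(SAMPLE, Status413Quota()))
```

In this model the charge is taken before the response is known, so two requests still in flight from one IP use up the whole allowance until their responses refund it. Once an IP has collected two 413s, its well-formed requests are also rejected for the rest of the window.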