Rate Limiting
Excessive or abnormal request traffic to applications or APIs can cause resource exhaustion, degrade service performance, and open the door to abuse through automated attacks. Controlling the rate of requests is essential to maintain system stability and service reliability.
MaxiSafe enforces Rate Limiting by allowing administrators to configure request thresholds over defined time intervals (e.g., per second, minute, or hour). This helps prevent misuse, protect backend resources, and mitigate threats such as bot activity, API abuse, and DDoS attacks, ensuring secure and consistent application performance.
Steps:
- Go to Programmable Mitigation > Rate Limiting to create a rate limit rule.
- Under Triggering Condition, configure the target path and select the rate measurement method. The rate can be measured either as the number of queries per second (QPS) or as the number of queries per time window.
- Define actions under the Action Set. The system will randomly select one action when a request meets the triggering condition, making it harder for attackers to bypass detection.
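The following added example (not MaxiSafe code, and not a description of how the product is implemented) models the two measurement methods and the random action selection so their effect on different traffic shapes can be compared. The `RateRule` class, the per-client keying, the sliding-window counting, the action names and the sample traffic are all assumptions made for illustration.

```python
import random
from collections import defaultdict, deque

class RateRule:
    """Hypothetical rule model: path prefix, limit per window, action set."""
    def __init__(self, path, limit, window_s, actions, seed=0):
        self.path, self.limit, self.window_s = path, limit, window_s
        self.actions = list(actions)
        self.rng = random.Random(seed)    # seeded so the demo is repeatable
        self.hits = defaultdict(deque)    # client -> timestamps still in window

    def check(self, client, path, now):
        """Return None to allow, or one randomly chosen action if over limit."""
        if not path.startswith(self.path):
            return None
        q = self.hits[client]
        while q and now - q[0] >= self.window_s:   # drop expired timestamps
            q.popleft()
        q.append(now)
        return self.rng.choice(self.actions) if len(q) > self.limit else None

def replay(rule, events):
    """Feed (time, client, path) events to a rule; collect actions per client."""
    triggered = defaultdict(list)
    for now, client, path in sorted(events):
        action = rule.check(client, path, now)
        if action is not None:
            triggered[client].append(action)
    return dict(triggered)

# Constructed traffic, not captured from any real system.
BURST = [(i * 0.02, "burst", "/api/login") for i in range(30)]    # 30 requests in 0.6 s
STEADY = [(i * 0.5, "steady", "/api/login") for i in range(120)]  # 2 req/s for 60 s
ACTIONS = ["block", "captcha", "delay"]   # hypothetical action names

def demo():
    qps = RateRule("/api/", limit=5, window_s=1.0, actions=ACTIONS)
    per_minute = RateRule("/api/", limit=60, window_s=60.0, actions=ACTIONS)
    traffic = BURST + STEADY
    return replay(qps, traffic), replay(per_minute, traffic)

if __name__ == "__main__":
    for name, result in zip(("QPS rule", "60 s window rule"), demo()):
        print(name, {c: len(a) for c, a in result.items()})
```

The short burst trips only the QPS rule, while the slow, sustained client trips only the time-window rule, which is why the measurement method should be chosen to match the abuse pattern the path is expected to see.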