Rate limited 10040 even when updating every 4 hours
I have one IP list in my Account > Configuration> Lists that currently has 0 IPs. Every time I try update it through the API, even when doing more than 4 hours apart, I get a rate limit error:
What's the limit here?
12 Replies
Anyone?
Hi
Could you explain where it is? I tried to find the url but countn't
That's an API error. I am not sure what URL you are referring to. I am using the API to update IP lists in Account > Configuration> Lists that currently has 0 IPs
But I don't know what API you are referring to
And are you using a programming language to access this api?
I was talking about URL because I thought the API was an URL. Sorry for the confusion :)
Yes. It's Crowdsec. Specifically its the crowdsec cloudflare bouncer
https://github.com/crowdsecurity/cs-cloudflare-bouncer
All google search results with that error code are about users facing issues using it with that tool
GitHub
GitHub - crowdsecurity/cs-cloudflare-bouncer: A CrowdSec Bouncer th...
A CrowdSec Bouncer that syncs the decisions made by CrowdSec with CloudFlare's firewall. Manages multi user, multi account, multi zone setup. Supports IP, Country and AS scoped decisions. -...
What do you have your update frequency set as? According to https://github.com/crowdsecurity/cs-cloudflare-bouncer/issues/121 it seems like 3600 helps with the issue
GitHub
Cloudflare (continuously) rate limiting API calls · Issue #121 · cr...
Hi, It seems the Cloudflare API is over solicited by the bouncer. One of the multiple log lines: level=error msg="you have been ratelimited please wait and try again (10040)" That would b...
4 hours as mentioned in the initial message. 4 hour 4 seconds to be precise I believe.You can also see the gap in the log output timestamp.
We can keep on doing hit and trial, but I am looking at finding the canonical source of truth here - what's the Cloudflare limit, and documentation around error 10400
Hmm that bug entry actually talks about using Cloudflare workers because the Cloudflare API to update IP list is broken, which is what my support ticket refers to.
So I guess the question is do we just consider it broken, wouldn't be fixed and move on?
I would imagine if it wasn't going to be fixed there would be some announcement. I'd be interested as to what supports response is
Does support even check/respond here? Sorry for my ignorance
This is a community server so there is no official support here. I thought you mean you had a support ticket open
There's this comment under the List API https://developers.cloudflare.com/waf/tools/lists/lists-api/
Rate limiting for Lists API requests Cloudflare may apply rate limiting to your API requests creating or deleting list items in custom lists and Bulk Redirect Lists. Each operation (create or delete) on a list item counts as a change. The existing rate limit is based on the number of list changes over time. You can request a maximum of 10,000 list changes in five minutes. Once the system has processed enough list changes so that they are under the threshold mentioned above, you can make additional API requests with more changes.do you know how many list items its trying to add?
No. I didn't find an option for that. Maybe I can start a paid subscription to be able to do that
Thanks for sharing! I initially tried 10k, and then after the rate limit, I was doing about 11.
I believe the limit stays for 4 days before further updates can be made
I got the pro plan and just submitted a support ticket