How to bypass worker rate limits for IP address (for testing)
Hello!
We recently started using workers and have subscribed for the $5/month workers paid plan.
Our 3rd party security testing partners have told us they're hitting rate limits, even though we have an IP rule allowing them through the WAF, and custom rule set to skip rate limits from their IP.
Looking at the logs in the security events, I can see that they are being blocked by a rule with Rule ID "worker". According to the docs this means they are being rate limited by Anti-Abuse Protection:
Workers being rate-limited by Anti-Abuse Protection are also visible from the Cloudflare dashboard: Log in to the Cloudflare dashboard and select your account and your website. Select Security > Events > scroll to Activity log. Review the log for a Web Application Firewall block event with a ruleID of worker.The docs also say:
If you expect to receive 1015 errors in response to traffic or expect your application to incur these errors, contact Cloudflare support to increase your limit.Although we're on a paid workers plan, we're not a business plan overall, so I'm not able to raise a ticket through the Cloudflare account. Is there any other way to raise the Abuse Protection limit for workers myself, or another way of contacting support? Many thanks!
3 Replies
I escalated this topic, someone will have a look when they can
What's the name of your domain? @David - Impact Cubed Once I have this I will follow up directly via ticket.
Thanks Liam, I will message you directly.