CD
Cloudflare Developers4d ago
Matt ✨ Trigger.dev

Abuse protection is rejecting API traffic from our servers

Requests to api.trigger.dev are getting blocked by a “worker” rate limiter rule with 429 responses and the code 1015. These requests are coming from our Digital Ocean cluster and shouldn’t be getting blocked. We have a Cloudflare worker for api.trigger.dev, but the traffic that's getting blocked is just passed through to the original URL. What we’d like to have happen: Prevent the rate limiting rule to block traffic from ASN 14061 which is our DigitalOcean cluster, or maybe just turn off the rate limiter altogether (we have our own rate limiter). Alternatively, if you want to be more restrictive, we could turn off blocking for requests with the header x-trigger-worker (which all requests will have if they are inside a task) Here’s some sample events that are getting blocked that shouldn’t: 
[{
    "action": "block",
    "clientASNDescription": "DIGITALOCEAN-ASN",
    "clientAsn": "14061",
    "clientCountryName": "US",
    "clientIP": "159.65.181.204",
    "clientRefererHost": "",
    "clientRequestHTTPHost": "api.trigger.dev",
    "clientRequestHTTPMethodName": "POST",
    "clientRequestHTTPProtocol": "HTTP/1.1",
    "clientRequestPath": "/api/v1/tasks/batch",
    "clientRequestQuery": "",
    "datetime": "2024-12-13T19:56:57Z",
    "ref": "",
    "rayName": "8f18853b861a4394",
    "ruleId": "worker",
    "rulesetId": "",
    "source": "ratelimit",
    "userAgent": "node",
    "matchIndex": 0,
    "metadata": [],
    "sampleInterval": 1
  },
  {
    "action": "block",
    "clientASNDescription": "DIGITALOCEAN-ASN",
    "clientAsn": "14061",
    "clientCountryName": "US",
    "clientIP": "159.65.181.204",
    "clientRefererHost": "",
    "clientRequestHTTPHost": "api.trigger.dev",
    "clientRequestHTTPMethodName": "POST",
    "clientRequestHTTPProtocol": "HTTP/1.1",
    "clientRequestPath": "/api/v1/tasks/batch",
    "clientRequestQuery": "",
    "datetime": "2024-12-13T19:56:57Z",
    "ref": "",
    "rayName": "8f18853a452b0f9c",
    "ruleId": "worker",
    "rulesetId": "",
    "source": "ratelimit",
    "userAgent": "node",
    "matchIndex": 0,
    "metadata": [],
    "sampleInterval": 1
  }]
[{
    "action": "block",
    "clientASNDescription": "DIGITALOCEAN-ASN",
    "clientAsn": "14061",
    "clientCountryName": "US",
    "clientIP": "159.65.181.204",
    "clientRefererHost": "",
    "clientRequestHTTPHost": "api.trigger.dev",
    "clientRequestHTTPMethodName": "POST",
    "clientRequestHTTPProtocol": "HTTP/1.1",
    "clientRequestPath": "/api/v1/tasks/batch",
    "clientRequestQuery": "",
    "datetime": "2024-12-13T19:56:57Z",
    "ref": "",
    "rayName": "8f18853b861a4394",
    "ruleId": "worker",
    "rulesetId": "",
    "source": "ratelimit",
    "userAgent": "node",
    "matchIndex": 0,
    "metadata": [],
    "sampleInterval": 1
  },
  {
    "action": "block",
    "clientASNDescription": "DIGITALOCEAN-ASN",
    "clientAsn": "14061",
    "clientCountryName": "US",
    "clientIP": "159.65.181.204",
    "clientRefererHost": "",
    "clientRequestHTTPHost": "api.trigger.dev",
    "clientRequestHTTPMethodName": "POST",
    "clientRequestHTTPProtocol": "HTTP/1.1",
    "clientRequestPath": "/api/v1/tasks/batch",
    "clientRequestQuery": "",
    "datetime": "2024-12-13T19:56:57Z",
    "ref": "",
    "rayName": "8f18853a452b0f9c",
    "ruleId": "worker",
    "rulesetId": "",
    "source": "ratelimit",
    "userAgent": "node",
    "matchIndex": 0,
    "metadata": [],
    "sampleInterval": 1
  }]
Note that it’s not all from 1 IP. We run a lot of servers in this cluster that each have a different public IP address in quite a broad range.
5 Replies
Erisa
Erisa4d ago
you have a Workers Paid plan right?
Eric ✨ trigger.dev
Eric ✨ trigger.dev3d ago
Yes we do
Matt ✨ Trigger.dev
Matt ✨ Trigger.devOP3d ago
We've disabled this proxy worker completely now. It was an optimization for us and wasn't essential
Erisa
Erisa3d ago
You'd need to reach out to support to get the limit removed ?support
SuperHelpflare
SuperHelpflare3d ago
To contact Cloudflare Support about an issue, please visit the Support Portal and fill in the form on the portal. After submission, you will receive confirmation over email. Some issues, such as Account or Billing related issues, cannot be solved by the community. Any plan level (including Free plans) can open tickets for Account, Billing or Registrar ticket categories. Make sure to select the correct category to ensure it goes to the right place. For more information on the methods by which you can contact Support for your plan level, see Contacting Cloudflare Support - Cloudflare Docs
Want results from more Discord servers?
Add your server