Mahesh
CDCloudflare Developers
•Created by Mahesh on 3/1/2025 in #workers-help
Workers transiently dropping REQUEST BODY sending empty body to ORIGIN Server.
We are using CF workers to chnange the hostname and direct to different origion servers based on some URL paths and query parameters. However we have seen less 1% 524 errors. COreeposnding CF RAY ids were not present in origin server. In order to understand the pattern and started to log both request and response contents. However ever since we did, we started getting calls from customers they are are saying invalidation errors(422), that is due to request content being empty. I am suspecting that this is due to REQUEST.CLONE() we did( it was not there before).
8 replies
CDCloudflare Developers
•Created by Mahesh on 10/9/2023 in #general-help
WAF API Ratelimit recommended practice.
Our application operates in a B2B context, allowing us to configure rate limits at the partner/user level. We are considering enhancing our rate-limiting capabilities by combining the Cloudflare Web Application Firewall (CF WAF) rate limit with the API rate limit provided by our application. This approach aims to reduce the burden on our origin server and minimize the occurrence of 429 errors.
We are contemplating two potential solutions:
1. Dynamic Rate Limiting: This involves identifying the partner in the URL, checking the response code for 429, and inspecting the Retry-After header flag. We would then create an entry in a Key-Value (KV) store for each partner with ttl of Retry-After. Every incoming request would check if there's an entry for the partner in the KV store and, if so, respond with a custom 429 message.
2. Edge-Based Partner Configuration: The alternative approach is to push partner-specific rate limit configurations to the edge using the Rules API. This would entail moving the entire application logic to the edge. However, considering we have over 1000 partners, implementing this many rules could potentially introduce latency.
We would appreciate your insights on which approach you recommend or if there are any alternative methods that would achieve our goal with minimal impact on latency.
1 replies