Web server rate limiting

Your Silverstripe Cloud environments use ip based rate limiting to limit the amount of traffic singular users can request. Currently this defaults to 10r/s (10 requests per second), and 5r/s for older, smaller stacks. Previously these values (or adding an ip to the whitelist) were adjusted by raising tickets with the Service Desk to change them via the backend, however this can now be changed via the .platform.yml file.

Rate limiting in .platform.yml

This is an example configuration of a .platform.yml file changing the per ip rate, and adding ips to the whitelist, bypassing all rate limiting:

webserver_rate_limit:
  general_perip_rate: "20r/s"
  whitelist:
    - "202.160.44.111"
    - "202.160.48.123"
    - “202.140.48.0/24”

Two options are supported within .platform.yml:

general_perip_rate  - How many times a specific ip, that is not flagged internally as a bot, can send requests before being rate limited by nginx. This needs to be formatted as XXr/s or XXr/m, where XX is the number of requests, and formatted as requests per second (XXr/s) or requests per minute (XXr/m). 

whitelist - the ips that are exempt from being rate limited. This can be supplied as a single ip, or defined using CIDR notation to denote an entire block. 

Was this answer helpful? Yes No

Sorry we couldn't be helpful. Help us improve this article with your feedback.