Rate limiting use case

Hi, I'm currently on free plan and looking to move on to Pro plan. I want to be sure that I can create some "complex" rules for rate-limiting.

The case is we have some authentication endpoints across a lot of subdomains , and what we need it's to block IPs that have caused 4XX exceptions in a windows of time (i.e: 10 seconds) and with some repetition (like 5 failed request in a short time) . In that case the IP should be blocked and put it on blacklist.

I just want to know if this is possible with Pro plan.
Thanks

SuperHelpflare•8/27/25, 8:21 PM

Support AI

Based on the documentation, it appears that the feature you are looking for is called "Complexity-based rate limiting" which is only available to Enterprise customers with Advanced Rate Limiting (https://developers.cloudflare.com/waf/rate-limiting-rules/use-cases/).

The Pro plan does not seem to have this feature. The Pro plan allows for basic rate limiting rules, but it does not support complexity-based rate limiting.

However, you can create a custom rate limiting rule on the Pro plan that blocks IPs based on the number of requests within a certain time period (https://developers.cloudflare.com/waf/reference/legacy/old-rate-limiting/). But it does not seem to support blocking IPs based on 4XX exceptions.

I would recommend checking the Cloudflare documentation for the most up-to-date information on the features available on the Pro plan.

Sources

This is an AI generated response, it may not be 100% accurate. Please validate the output. You can ask followups by replying to this message or mentioning me.

Rate limiting use case

Similar Threads

Similar Threads

Similar Threads