Cloudflare Rate Limit (429)

Understand and resolve Cloudflare blocks.

Cloudflare's 429 error means you (or your visitors) exceeded a request limit. It's protection against abuse, but can block legitimate users if misconfigured.

Symptoms

  • Cloudflare page "Error 429 Too Many Requests"
  • Certain users or regions blocked
  • APIs receiving 429 errors
  • Legitimate bots blocked (Googlebot)

Common Causes

  • Rate Limiting too strict: The Cloudflare rule is configured with thresholds too low.
  • Attack or bot: A bot abusing your site triggers protection.
  • Your own app: Your application makes too many API calls to itself.

Diagnostic Steps

  1. Check Rate Limiting rules in Cloudflare
  2. Analyze Cloudflare logs (Analytics)
  3. Identify blocked IPs or User-Agents
  4. Test with "I'm Under Attack" mode disabled

Automate with MoniTao

MoniTao detects rate limiting issues:

  • Monitoring of 429 errors on your endpoints
  • Alerts if MoniTao itself is blocked
  • History to identify patterns

Best Practices

  • Whitelist MoniTao IPs in Cloudflare
  • Adjust rate limiting thresholds gradually
  • Use targeted rules rather than global
  • Whitelist legitimate bots (Googlebot, etc.)

FAQ

How to whitelist MoniTao?

Add our worker IPs (contact support) in Cloudflare > Security > WAF > Tools.

What rate limiting threshold?

Depends on your traffic. Start permissive and adjust based on abuse.

Does Cloudflare block Googlebot?

Not by default, but misconfigured rules can do it.

Can MoniTao be blocked by Cloudflare?

Yes, whitelist our IPs to avoid false positives.

Useful Links

Ready to Sleep Soundly?

Start free, no credit card required.

Create My Account See pricing