Introducing Advanced Rate Limiting

Cloudflare has introduced Advanced Rate Limiting, an improved throttling technology that allows counting requests based on virtually any characteristic of the HTTP request, regardless of its source IP. This new feature is designed to protect against brute force attacks, scraping, and targeted DDoS attacks by allowing users to define rate limiting rules using all fields of the HTTP request, including URI, method, headers, cookies, AS Number (ASN), value of a query parameter, or bots fingerprint. Advanced Rate Limiting is now part of the Web Application Firewall (WAF) and can be used on all traffic for Enterprise customers without any caps.