
Rate limiting CDN

I am trying to implement rate limiting at the CDN level in AEMaaCS.

I am testing this in an RDE using rules referenced in the Adobe documentation. However:

  • The rate limit is not being triggered

  • I tried multiple variations

  • I expected a 429 Too Many Requests response, but never received it

 

  • Is 429 the default HTTP error returned when a CDN rate limit is exceeded?

  • Is there already a default rate limit applied at the CDN layer in AEMaaCS?

 

https://experienceleague.adobe.com/en/docs/experience-manager-cloud-service/content/security/traffic...

 

kind: "CDN"
version: "1"
data:
  trafficFilters:
    rules:
    - name: limit-requests-client-ip
      when:
        reqProperty: tier
        matches: "author|publish"
      rateLimit:
        limit: 60
        window: 10
        penalty: 300
        count: all
        groupBy:
          - reqProperty: clientIp
      action: block

 

Any suggestions for fine-tuning the rate-limit configuration, and is there a recommended way to test it?

 

Thank you very much!!

1 Reply

Community Advisor and Adobe Champion

@VishnuRa5 

Adobe's default for all custom blocking rules (including WAF and rate limits) is 406 Not Acceptable.

To receive 429, you need to add it in the "action", like below:

action:
  type: block
  status: 429

 

RDEs do not sync CDN rules from Git. You must push them manually to the environment config using Adobe I/O CLI.

Also, try hitting the page with curl instead of directly from the browser to see if the rule is triggering.
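
One way to run the curl check suggested in the reply, as an added example that is not part of the original thread or Adobe's tooling. It sends a burst of requests to a page in your own RDE and reports whether a block status (406, the default, or 429, if configured) ever came back. `TARGET_URL`, `REQUESTS` and `PARALLEL` are assumed variable names, and the default counts are arbitrary starting points.

```bash
#!/bin/sh
# Added example: burst-test a CDN rate-limit rule with curl and tally the results.
# TARGET_URL, REQUESTS and PARALLEL are assumed names; set TARGET_URL to a page
# in your own environment before running.

# send_burst URL TOTAL PARALLEL
# Issues TOTAL requests, PARALLEL at a time, printing one HTTP status per line.
# All requests leave from this machine, so they share one client IP, which is
# what the rule's groupBy clientIp counts on.
send_burst() {
  seq "$2" | xargs -P "$3" -I{} \
    curl -s -o /dev/null -w '%{http_code}\n' "$1"
}

# summarize
# Reads status codes on stdin. Prints a count per status code and a verdict:
# 406 is the default block status, 429 appears only if the rule sets it.
# first_at is the position of the first blocked response in completion order
# (with parallel requests that is close to, but not exactly, send order).
summarize() {
  awk '
    { count[$1]++; n++ }
    ($1 == 406 || $1 == 429) && !first { first = n; code = $1 }
    END {
      for (c in count) printf "%s=%d\n", c, count[c]
      if (first) printf "verdict=blocked status=%s first_at=%d\n", code, first
      else       printf "verdict=not_triggered requests=%d\n", n
    }' | sort
}

# Runs only when a target is supplied, e.g.:
#   TARGET_URL=https://publish-<your-rde-host>/content/site/en.html sh burst.sh
if [ -n "${TARGET_URL:-}" ]; then
  send_burst "$TARGET_URL" "${REQUESTS:-500}" "${PARALLEL:-20}" | summarize
fi
```

If the verdict is `not_triggered`, confirm the rule was actually pushed to the RDE before raising `REQUESTS` or `PARALLEL`.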