![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(118.4, 27%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDV%3C/text%3E%3C/svg%3E)
Azure Functions
An Azure service that provides an event-driven serverless compute platform.
4,323 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(0, 59%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJM%3C/text%3E%3C/svg%3E)
@Deshmukh, Vijit Thanks for reaching out. you can use Azure Front Door to limit the number of requests. You can configure rate limiting by using custom WAF rules. When you configure a rate limit rule, you specify the threshold, which is the number of web requests that are allowed from each socket IP address within a time period.
{
"name": "RateLimitRule",
"priority": 1,
"ruleType": "RateLimitRule",
"rateLimitDurationInMinutes": 1,
"rateLimitThreshold": 100,
"matchConditions": [
{
"matchVariable": "RemoteAddr",
"operator": "IPMatch",
"negateCondition": false,
"matchValue": ["0.0.0.0/0"]
}
],
"action": "Block"
}
The above sample rule will block any IP address that makes more than 100 requests in one minute.
Note:
A few considerations to keep in mind while you determine threshold values and time windows for rate limiting:
- Larger window size and smaller thresholds are most effective in preventing against DDoS attacks.
- Setting larger time window sizes (for example, five minutes over one minute) and larger threshold values (for example, 200 over 100) tend to be more accurate in enforcing close to rate limits thresholds than using the shorter time window sizes and lower threshold values.
If the threshold is low enough, the first request to the new Azure Front Door server could pass the rate limit check. So, for a low threshold (for example, less than about 200 requests per minute), you might see some requests above the threshold get through.
So, you cannot keep the threshold at 10 and expect it to work. You need a higher threshold like 200 or more.
If you need it for 10 calls/min, then Front Door is not the right choice.
Reference thread: Azure FrontDoor WAF rate limit unexpected behavior - Microsoft Q&A
Alternatively, you can also limit the number of function calls per minute using Azure APIM.
Azure API Management provides a variety of API security options for incoming requests. You can configure rate limits on your API Management instance to limit the number of requests per minute.
To learn more about how to configure rate limits in Azure API Management, please see https://learn.microsoft.com/en-us/azure/api-management/api-management-sample-flexible-throttling#configure-rate-limits-for-your-api
let me know incase of further queries, I would be happy to assist you.
Please 'Accept as answer' and ‘Upvote’ if it helped so that it can help others in the community looking for help on similar topics.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 62%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESP%3C/text%3E%3C/svg%3E)