-
Notifications
You must be signed in to change notification settings - Fork 2
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #56 from f5devcentral/matt
Rate Limiting
- Loading branch information
Showing
7 changed files
with
40 additions
and
4 deletions.
There are no files selected for viewing
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,11 +1,47 @@ | ||
Rate Limiting protection | ||
======================== | ||
|
||
There are many ways to do Rate Limiting in F5XC. In this lab, we will focus on API Protection Rate Limiting. | ||
|
||
The goal is to rate limit an endpoint at risk because we discovered an attack or it is a shadow API we are not sure if we should allow or block it. | ||
|
||
Subtitle 1 | ||
---------- | ||
Enable Rate Limiting from the Security Dashboard | ||
------------------------------------------------ | ||
|
||
Sub Sub title 2 | ||
^^^^^^^^^^^^^^^ | ||
* Go to the Security Dashboard and into your application API Endpoints screen. | ||
|
||
.. image:: ../pictures/security-endpoints.png | ||
:align: center | ||
:scale: 50% | ||
|
||
* Select ``/api/colors`` and click on the 3dots (...) | ||
* Edit Rate Limiting | ||
* The Rate Limiting config is preset automatically, keep ``1sec`` Threshold | ||
|
||
.. image:: ../pictures/rl-colors.png | ||
:align: center | ||
:scale: 50% | ||
|
||
* Apply, Apply ... till Save | ||
|
||
Test your Rate Limiting config | ||
------------------------------ | ||
|
||
It is time to run a traffic generator script to simulate traffic load | ||
|
||
* SSH or WEBSSH to the Jumphost | ||
* Run this script into /home/ubuntu/api-protection-lab folder | ||
|
||
.. code-block:: none | ||
cd /home/ubuntu/api-protection-lab | ||
bash rate-limit.sh sentence-re-$$makeId$$.workshop.emea.f5se.com | ||
* You can see a respone code 429 - Too Many Requests | ||
|
||
.. code-block:: HTML | ||
|
||
<html><head><title>Error Page</title></head> | ||
<body>The requested URL was rejected. Please consult with your administrator.<br/><br/> | ||
Your support ID is a8c0fa99-7f85-4c81-b245-2d7d94457f8a<h2>Error 429 - Too Many Requests</h2>F5 site: tn2-lon<br/><br/><a href='javascript:history.back();'>[Go Back]</a></body></html> | ||
|
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.