docs/en/latest/getting-started/rate-limiting.md - apisix - Git at Google

 ---
 title: Rate Limiting
 slug: /getting-started/rate-limiting
 ---

 <head>
   <link rel="canonical" href="https://docs.api7.ai/apisix/getting-started/rate-limiting" />
 </head>

 > The Getting Started tutorials are contributed by [API7.ai](https://api7.ai/).

 APISIX is a unified control point, managing the ingress and egress of APIs and microservices traffic. In addition to the legitimate client requests, these requests may also include unwanted traffic generated by web crawlers as well as cyber attacks, such as DDoS.

 APISIX offers rate limiting capabilities to protect APIs and microservices by limiting the number of requests sent to upstream services in a given period of time. The count of requests is done efficiently in memory with low latency and high performance.

 <br />
 <div style={{textAlign: 'center'}}>
 <img src="https://static.apiseven.com/uploads/2023/02/20/l9G9Kq41_rate-limiting.png" alt="Routes Diagram" />
 </div>
 <br />

 In this tutorial, you will enable the `limit-count` plugin to set a rate limiting constraint on the incoming traffic.

 ## Prerequisite(s)

 1. Complete the [Get APISIX](./README.md) step to install APISIX first.
 2. Complete the [Configure Routes](./configure-routes.md#what-is-a-route) step.

 ## Enable Rate Limiting

 The following route `getting-started-ip` is inherited from [Configure Routes](./configure-routes.md). You only need to use the `PATCH` method to add the `limit-count` plugin to the route:

 ```shell
 curl -i "http://127.0.0.1:9180/apisix/admin/routes/getting-started-ip" -X PATCH -d '
 {
   "plugins": {
     "limit-count": {
         "count": 2,
         "time_window": 10,
         "rejected_code": 503
      }
   }
 }'
 ```

 You will receive an `HTTP/1.1 201 Created` response if the plugin was added successfully. The above configuration limits the incoming requests to a maximum of 2 requests within 10 seconds.

 ### Validate

 Let's generate 100 simultaneous requests to see the rate limiting plugin in effect.

 ```shell
 count=$(seq 100 | xargs -I {} curl "http://127.0.0.1:9080/ip" -I -sL | grep "503" | wc -l); echo \"200\": $((100 - $count)), \"503\": $count
 ```

 The results are as expected: out of the 100 requests, 2 requests were sent successfully (status code `200`) while the others were rejected (status code `503`).

 ```text
 "200": 2, "503": 98
 ```

 ## Disable Rate Limiting

 Disable rate limiting by setting the `_meta.disable` parameter to `true`:

 ```shell
 curl -i "http://127.0.0.1:9180/apisix/admin/routes/getting-started-ip" -X PATCH -d '
 {
     "plugins": {
         "limit-count": {
             "_meta": {
                 "disable": true
             }
         }
     }
 }'
 ```

 ### Validate

 Let's generate 100 requests again to validate if it is disabled:

 ```shell
 count=$(seq 100 | xargs -i curl "http://127.0.0.1:9080/ip" -I -sL | grep "503" | wc -l); echo \"200\": $((100 - $count)), \"503\": $count
 ```

 The results below show that all of the requests were sent successfully:

 ```text
 "200": 100, "503": 0
 ```

 ## More

 [//]: <TODO: Add the link to matching rules configuration>
 [//]: <TODO: Add the link to cluster-level rate limiting>
 [//]: <TODO: Add the link to APISIX variables>
 You can use the APISIX variables to configure fined matching rules of rate limiting, such as `$host` and `$uri`. In addition, APISIX also supports rate limiting at the cluster level using Redis.

 ## What's Next

 Congratulations! You have learned how to configure rate limiting and completed the Getting Started tutorials.

 You can continue to explore other documentations to customize APISIX and meet your production needs.
	---
	title: Rate Limiting
	slug: /getting-started/rate-limiting
	---

	<head>
	<link rel="canonical" href="https://docs.api7.ai/apisix/getting-started/rate-limiting" />
	</head>

	> The Getting Started tutorials are contributed by [API7.ai](https://api7.ai/).

	APISIX is a unified control point, managing the ingress and egress of APIs and microservices traffic. In addition to the legitimate client requests, these requests may also include unwanted traffic generated by web crawlers as well as cyber attacks, such as DDoS.

	APISIX offers rate limiting capabilities to protect APIs and microservices by limiting the number of requests sent to upstream services in a given period of time. The count of requests is done efficiently in memory with low latency and high performance.

	<br />
	<div style={{textAlign: 'center'}}>
	<img src="https://static.apiseven.com/uploads/2023/02/20/l9G9Kq41_rate-limiting.png" alt="Routes Diagram" />
	</div>
	<br />

	In this tutorial, you will enable the `limit-count` plugin to set a rate limiting constraint on the incoming traffic.

	## Prerequisite(s)

	1. Complete the [Get APISIX](./README.md) step to install APISIX first.
	2. Complete the [Configure Routes](./configure-routes.md#what-is-a-route) step.

	## Enable Rate Limiting

	The following route `getting-started-ip` is inherited from [Configure Routes](./configure-routes.md). You only need to use the `PATCH` method to add the `limit-count` plugin to the route:

	```shell
	curl -i "http://127.0.0.1:9180/apisix/admin/routes/getting-started-ip" -X PATCH -d '
	{
	"plugins": {
	"limit-count": {
	"count": 2,
	"time_window": 10,
	"rejected_code": 503
	}
	}
	}'
	```

	You will receive an `HTTP/1.1 201 Created` response if the plugin was added successfully. The above configuration limits the incoming requests to a maximum of 2 requests within 10 seconds.

	### Validate

	Let's generate 100 simultaneous requests to see the rate limiting plugin in effect.

	```shell
	count=$(seq 100 \| xargs -I {} curl "http://127.0.0.1:9080/ip" -I -sL \| grep "503" \| wc -l); echo \"200\": $((100 - $count)), \"503\": $count
	```

	The results are as expected: out of the 100 requests, 2 requests were sent successfully (status code `200`) while the others were rejected (status code `503`).

	```text
	"200": 2, "503": 98
	```

	## Disable Rate Limiting

	Disable rate limiting by setting the `_meta.disable` parameter to `true`:

	```shell
	curl -i "http://127.0.0.1:9180/apisix/admin/routes/getting-started-ip" -X PATCH -d '
	{
	"plugins": {
	"limit-count": {
	"_meta": {
	"disable": true
	}
	}
	}
	}'
	```

	### Validate

	Let's generate 100 requests again to validate if it is disabled:

	```shell
	count=$(seq 100 \| xargs -i curl "http://127.0.0.1:9080/ip" -I -sL \| grep "503" \| wc -l); echo \"200\": $((100 - $count)), \"503\": $count
	```

	The results below show that all of the requests were sent successfully:

	```text
	"200": 100, "503": 0
	```

	## More

	[//]: <TODO: Add the link to matching rules configuration>
	[//]: <TODO: Add the link to cluster-level rate limiting>
	[//]: <TODO: Add the link to APISIX variables>
	You can use the APISIX variables to configure fined matching rules of rate limiting, such as `$host` and `$uri`. In addition, APISIX also supports rate limiting at the cluster level using Redis.

	## What's Next

	Congratulations! You have learned how to configure rate limiting and completed the Getting Started tutorials.

	You can continue to explore other documentations to customize APISIX and meet your production needs.