...
For instance, if there's a subscription level policy enforced over a long period, you may not want users to consume the entire quota within a short time span. Sudden spikes in usage or attacks from users can also be handled via rate limiting. You can define a spike arrest policy when the subscription level tier is created.
| Info | ||
|---|---|---|
| ||
Spike Arrest Polcy is used to protect the API backend against large number of traffic spikes and DoS attacks. Unlike setting one definite throttling tier (Quota), it helps to limit the sudden increase of number of requests at any point in time. As an example, if we specify a quota policy as 20 requests per minute, it is possible to send all 20 requests in first few seconds in one minute of that 20 minutes so that we cannot limit it. By defining a spike arrest policy as 20 requests per second, it equally scatter the the number of requests over the given 20 minutes. Therefore by doing rate limiting we can protect the backend from sudden spikes and DoS attacks through spike arrest policy. |
For each subscription level throttle key, a WS policy is created on demand. The request count is calculated and throttling occurs at the node level. If you are using a clustered deployment, the counters are replicated across the cluster.
...