All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Cloudflare Rate Limiting just became FREE UNMETERED!
Yup, just like their unmetered DDoS protection!
Number of rules included for free on each CF plan
Free: 1
Pro: 2
Business: 5
What is this?
With rate limiting you can limit each IP for X requests per X time for X resource - for example limit registration/form to decrease spam or limit search function in your forum to defend from attack/cpu overload.
What does unmetered mean in this case?
Cloudflare wont bill you for usage on these free unmetered filters. Previously it was $5 per 1mil requests.
Want even more rules for free?
You can bind CF-Connecting-IP as real IP in nginx on your own server and apply rules there!
So why would you even want to use CF Rate Limit if you can have like 100 rules in nginx for free already?
Because it will offload rate limiting to CF, extra requests wont hit your server.
I recommend the best of two worlds - offload most abused functions to CF, add more rarely abused functions to nginx. That way you'll get best free & powerful rate limit which can defend you from many attacks and abusers.
Share your ideas - how you will use rate limiting? 
Comments
OMG this is huge, the main issue regarding dynamic sites even hidden behind Cloudflare was overloading the server, now I can offload to Cloudflare.
Thank you Cloudflare.
Sounds great, except that I don't know how to implement this. If I put it on my web
example.com, will the subdomain protected by cf also ?This is a nice perk. Glad to see it.
is there similar way to do in Apache??
Yup, its possible too
https://brightwhiz.com/real-client-ip-address-cloudflare-apache-php/
Very easy method!
This will probably save me $0.50 a month, yay!
Nice stuff. CF is great
Well if you didnt paid yet then it saves you from providing billing/card info to Cloudflare.
I think its a lot more important to people, no chance of unexpected charge etc.
^Yes.
been seriously considering using this for my api but the cost was a major let down , well now can use it and remove the rate limiting from my app as its a headache dealing locally.
for instance , here is the 24 hours stats of my API endpoint.
CF is shit, if you don't give them money and want to report issue to their NOC, good luck.
Combine that with a ISP that doesn't give a fuck about their costumers too, you won the jackpot.
Then every one uses CF, so if the shit is congested with packetloss, its a breeze to find a website not using that garbage.
Last time I contacted them I emailed both the CTO and a product manager and got a reply on the same day (Saturday)
^^^ This guy gets shit done.
Can you DM me his email? Without a VPN CF craps itself multiple times a day, fucking sucks.
Have sent you a few contacts I have
Thanks, as far as I can tell, it doesn't seem to be a Cloudflare issue.
I did dig deeper in the past hours, more looks like my ISP is full of shit.
But also, CF is aware and does not really do much.
Thanks anyway, I will still ask though.
Small update here, still no reply from CF, neither twitter, email or forum, sad.
DSGVO sagt nein.