BitNinja rate limiting

You are here:
Estimated reading time: 1 min
In this article

With the 2.29.0 version of BitNinja, we introduced the rate limiting feature. This is based on the WAF and SSLTerminating modules. In order to use this feature make sure that the WAF module is enabled and working on the domains, you wish to protect with this feature.

You can set a limit for the all-over number of connections per domain within the defined time period.
The time period can be set with the perDomainRateLimitInterval variable.

If the rate limit is exceeded users get an error message saying that there are too many requests with the status code 429.

See our guide on how to enable the WAF module here.
And check out this guide to make sure the module is working properly.
The feature is available from version 2.29.0. Please check out this guide if you need help with updating BitNinja.

If you need help with the configuration or the module does not seem to be working do not hesitate to contact us.
You can reach us via live chat or send us a ticket from your dashboard, or send us an email at


We need to edit the SSLTerminating module’s config file.

Please see a step-by-step video guide here and a text guide below.

  1. Open the Configuration menu on your BitNinja dashboard.
  2. Select the setting level on the left side. (server-level, server group-level, account-level)
  3. Click on the Advanced Modules menu and select the Protection on HTTPS module
  4. Change the value under the “Domain rate limit” and under the “Domain rate limit interval” sections
  5. Click on the Apply button at the top of the page.
If the perDomainRateLimit is set to 0 then the rate-limiting feature is disabled.
Make sure to add a non-zero value to the perDomainRateLimitInterval variable.
Was this article helpful?
It was not helpful
Views: 866