{"type":"video","version":"1.0","html":"<iframe src=\"https://www.loom.com/embed/34b37a90b8414318a9d3499802ff7ea7\" frameborder=\"0\" width=\"1920\" height=\"1440\" webkitallowfullscreen mozallowfullscreen allowfullscreen></iframe>","height":1440,"width":1920,"provider_name":"Loom","provider_url":"https://www.loom.com","thumbnail_height":1440,"thumbnail_width":1920,"thumbnail_url":"https://cdn.loom.com/sessions/thumbnails/34b37a90b8414318a9d3499802ff7ea7-8fa5ea4a75458fe3.gif","duration":278.785,"title":"Baking Path Into Rate Limit Key","description":"I wanted to walk through a more nuanced rate limiting use case from Akamai where you need the path baked into the rate limit key, not just the match condition. Specifically, I wanted to ensure each individual path, like slash and slash products, does not exceed 50 requests per second per true client IP. With Zuplo, I grab the path name and a CDN supplied header for the true client IP, and use both in the key. My test showed 429s when the path and client IP hit the limit, and different behavior when either changed. I did not ask for any specific action, just reach out if you have questions."}