When you press "Create" you will see the basic Configuration UI. For most users, this should be sufficient to create a rate limit rule.
1. Enter a URL. If you do not include a scheme, it will match both http and https. If you only want one, enter it explicitly (e.g. http://www.example.com/login/*)
2. Enter an integer > 1 that represent the number of requests in a sampling period
3. Use the drop-down to select the sampling period (the period during which requests are counted)
4. Dropdown to select the duration of the block once a threshold has been triggered
5. Advanced Criteria for more complex rules involving http method and response code
6. Advanced Response for more complex rules serving a custom error response or, if you have ELS, a log-only ("simulate") mode.
1. Select from possible http methods. Or select ANY (and only ANY) to return to any method.
2. Enter the origin response code you want to count. For example, for auth failures you could use 403 (or whatever your app uses)
1. You can use the dropdown to select a custom JSON or custom TEXT. If you want Custom HTML, go to the Menu > Customize > Rate Limiting
2. For ELS customers, you can select Simulate, which will only log the rule, but not block.
List of Rules
This screen shows you the list of existing rules.
1. The drop-down lets you change the state from "Live" (blocking real traffic), "Simulate" (logging to Enterprise Log Share but not blocking), or "Paused" -- doing nothing
2. This edit button will pull up the same modal shown above for creating a rule to allow you to edit existing values
3. This will delete the rule (after you confirm the pop-up)