AspNetCoreRateLimit endpoint wild-card does not work

I am trying to implement a rate limit using the AspNetCoreRateLimit package. I would like to limit the rate on only one endpoint This one:

https://[removed for privacy]/v/1/product_provisioning/user_has_signatures?phoneNumber=070930900

When I use this config with the * wildcard i get the correct rate limiting for all endpoints, but I would like to implement it only for the endpoint I mentioned above:

"IpRateLimiting": {
    "EnableEndpointRateLimiting": false,
    "StackBlockedRequests": false,
    "RealIpHeader": "X-Real-IP",
    "ClientIdHeader": "X-ClientId",
    "HttpStatusCode": 429,
    "GeneralRules": [
            "Endpoint": "*",
            "Period": "60s",
            "Limit": 1

I tried the following wildcard combinations and none worked:

"Endpoint": "*:/v/1/product_provisioning/*",
"Endpoint": "GET:/v/1/product_provisioning/*",
"Endpoint": "*:/v/1/product_provisioning/user_has_signatures/*",
"Endpoint": "*:/v/1/product_provisioning/user_has_signatures?phoneNumber=*",

1 answer

  • answered 2022-05-06 09:05 Xinran Shen

    Because your phoneNumber is a query string,

    options.EnableEndpointRateLimiting = true;
    options.StackBlockedRequests = false;
    options.HttpStatusCode = 429;
    options.RealIpHeader = "X-Real-IP";
    options.ClientIdHeader = "X-ClientId";
    options.GeneralRules = new List<RateLimitRule>
            new RateLimitRule
                Endpoint = "GET:/v/1/product_provisioning/user_has_signatures",
                Period = "60s",
                Limit = 1,

    In the above code, the option EnableEndpointRateLimiting is set as true to ensure that limit is applied to specific endpoints rather than all endpoints. If EnableEndpointRateLimiting is set to false then the limits will apply globally and only rules that have as endpoint * will apply.

    enter image description here

How many English words
do you know?
Test your English vocabulary size, and measure
how many words do you know
Online Test
Powered by Examplum