There are two types of rate limiting available in networks and the two types are typically referred to as software-based rate limiters and hardware-based rate limiters. Software-based rate limiters can implement business logic, for example blocking communication at a server after a specified number of login attempts from the same Internet Protocol (IP) address to different accounts in the server. Rate limiting software is somewhat limited as requests still need to reach the server and still consume resources, since the request must be processed by the server before the server can block the request from proceeding to an application. Hardware-based rate limiters can only look at bandwidth. However, hardware-based rate limiters tend to be more efficient at blocking attacks as once an IP address is blocked, all incoming packets from the IP address can be ignored. Currently, software-based rate limiters operate at the application level, by tracking the IP address or some endpoint identifying signature. A software-based rate limiter is vulnerable to attack, which could bring down services or leave applications vulnerable. Since a software-based rate limiter is based in an application container, high rates of traffic can also cause service interruptions as a result of the application having to service each request and decide whether to block traffic. Under such circumstances, the application container has to handle both the usual traffic and the offending traffic.
It is within this context that the embodiments arise.