HTTP 429 Too Many Requests

Overview

The HTTP 429 Too Many Requests status code indicates that the client has sent too many requests to the server within a specified time frame. This response is used to mitigate the risk of server overload and ensure fair usage.

Purpose

The HTTP 429 response is used to inform the client that they have exceeded the rate limits imposed by the server, and they should refrain from sending additional requests until the specified time has elapsed.

Usage

Client Behavior:

  1. Send Requests: The client sends multiple requests to the server.
  2. Receive 429 Response: Once the rate limit is exceeded, the client receives an HTTP 429 status code.
  3. Wait and Retry: The client waits for the specified time duration and retries the request.

Server Behavior:

  1. Detect Rate Exceedance: The server detects that the client has exceeded the allowed rate limits.
  2. Send 429 Response: The server responds with an HTTP/1.1 429 Too Many Requests status code.
  3. Include Retry-After Header: Optionally, the server includes a Retry-After header indicating when the client can retry.
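
The three server steps above as an added Python example (not code from the original page): a per-client sliding-window limiter that computes Retry-After from the oldest counted request instead of hard-coding it. The class name, the limit of 3 requests per 60 seconds and the client address 203.0.113.7 are assumptions constructed for illustration.

```python
import math
import time
from collections import defaultdict, deque


class SlidingWindowLimiter:
    """Allow at most `limit` requests per client key in any `window` seconds."""

    def __init__(self, limit, window, clock=time.monotonic):
        self.limit = limit
        self.window = window
        self.clock = clock              # injectable so behaviour can be tested
        self.hits = defaultdict(deque)  # client key -> times of accepted requests

    def check(self, client_key):
        """Return (status, headers) for one incoming request from client_key."""
        now = self.clock()
        q = self.hits[client_key]
        # Step 1: drop hits that have left the window, then count what remains.
        while q and now - q[0] >= self.window:
            q.popleft()
        if len(q) < self.limit:
            q.append(now)
            return 200, {}
        # Steps 2 and 3: reject and say when the oldest counted hit expires.
        # Rejected requests are not recorded, so retries do not extend the wait.
        retry_after = max(1, math.ceil(q[0] + self.window - now))
        return 429, {"Retry-After": str(retry_after)}

    def purge(self):
        """Forget clients with no hit inside the window, bounding memory use."""
        now = self.clock()
        stale = [k for k, q in self.hits.items()
                 if not q or now - q[-1] >= self.window]
        for k in stale:
            del self.hits[k]


def demo():
    """Constructed traffic: one client, limit 3 per 60 s, driven by a fake clock."""
    t = [0.0]
    lim = SlidingWindowLimiter(limit=3, window=60, clock=lambda: t[0])
    results = []
    for at in (0, 10, 20, 25, 59.5, 60, 61):
        t[0] = at
        results.append(lim.check("203.0.113.7"))
    return results


if __name__ == "__main__":
    print(demo())
```

Call purge() periodically; without it the table keeps one entry for every client key ever seen.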

Scenarios

  • Rate Limit Exceeded: Used when a client surpasses the allowed number of requests within a specific time frame.

Sequence Diagram

Illustrating the process for an HTTP 429 response:

sequenceDiagram
    participant Client
    participant Server as Web Server

    Note over Client: Step 1: Client sends multiple requests
    Client->>Server: HTTP Requests (Step 1)

    Note over Server: Step 2: Server detects rate exceedance
    Server->>Client: HTTP/1.1 429 Too Many Requests (Step 2)
    Server->>Client: Retry-After: 60 (optional) (Step 3)

Curl Request and Response Example

Sending requests that exceed the rate limit using Curl:

curl -i http://example.com/resource
# Expected response: HTTP/1.1 429 Too Many Requests
# Retry-After: 60 (optional)

PHP cURL Request and Response Example

PHP script using cURL to handle a 429 Too Many Requests response:

<?php
$ch = curl_init('http://example.com/resource');
// Return the body from curl_exec() instead of printing it
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($ch);
if (curl_getinfo($ch, CURLINFO_HTTP_CODE) == 429) {
    // CURLINFO_RETRY_AFTER (PHP 8.2+, libcurl 7.66+) is 0 when no valid header was sent
    $retryAfter = curl_getinfo($ch, CURLINFO_RETRY_AFTER);
    echo "Too Many Requests. Retry after: $retryAfter seconds";
}
curl_close($ch);
?>

Python Request and Response Example

Python script to handle a 429 Too Many Requests response:

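import requests
# A timeout stops the client from hanging on an unresponsive server
response = requests.get('http://example.com/resource', timeout=10)
if response.status_code == 429:
    # Retry-After is optional; its value is either seconds or an HTTP-date
    retry_after = response.headers.get('Retry-After')
    if retry_after is None:
        print("Too Many Requests. No Retry-After header sent")
    else:
        print(f"Too Many Requests. Retry after: {retry_after}")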

Apache Configuration for HTTP 429 Too Many Requests

Configuring Apache to enforce rate limits and return 429 responses:

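<VirtualHost *:80>
    ServerName example.com
    <Location "/resource">
        # Additional configuration to enforce rate limits
        # ...
        # Add the optional Retry-After header to 429 responses only;
        # without the expr= condition it would be sent on every response
        Header always set Retry-After "60" "expr=%{REQUEST_STATUS} == 429"
        # The quoted string is the body served with a 429, not the status line
        ErrorDocument 429 "HTTP/1.1 429 Too Many Requests"
    </Location>
</VirtualHost>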

NGINX Configuration for HTTP 429 Too Many Requests

Setting up NGINX to enforce rate limits and return 429 responses:

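server {
    listen 80;
    server_name example.com;
    location /resource {
        # Additional configuration to enforce rate limits
        # ...
        # Optional Retry-After header; "always" is required because
        # add_header otherwise skips error responses such as 429
        add_header Retry-After "60" always;
        # Unconditional: every request to this location receives 429.
        # The quoted string is the response body, not the status line.
        return 429 "HTTP/1.1 429 Too Many Requests";
    }
}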
