Laravel throttle

Hi Experts,

We are running our product on Laravel 5.7 which receives webhook requests from Shopify, Magento, Amazon etc on behalf of different users.

However, recently we have started to receive a large number of requests which causes error 429: Too Many Requests.

Is there a solution for such issue? (maybe by disabling certain routes for the middleware throttle check)?

and if we do that, is it safe? what are pros and cons?

Talinon

6 years ago

Best Answer

Level 51

@mailnike

I had this problem once dealing with webhooks with a custom ERP integration.

You could create your own middleware group for the webhooks and either exclude the throttle middleware within your app/kernel.php, or increase the number of requestes allowed:

You might just be using an umbrella 'api' middleware group:

'api' => [
    'throttle:240,1'  // allow 240 requests per minute to api group
]

disable all throttling for shopify:

'shopify' => [
    // 'throttle:60,1'
]

You could also add throttling on specific route, or a group of routes:

->middleware('throttle:120,1');


Route::group(['prefix' => 'webhooks', 'middleware' => 'throttle:120,1'], function () {
    Route::get() ....
    Route::get() ....
});

But in the case of applying it to a single route you'd want to make sure the route is not part of a middleware group that has the throttle middleware applied or it would still be in effect for each request. In other words, it won't override it.

As for the cons of completely disabling throttling, your application simply won't rate limit incoming requests.

1 like

Please or to participate in this conversation.