Setting the request rate limit to 0 will actually keep the client's IP in the rate limit database with no expiration, forever keeping it from ever making a request again after the first one is made. (at least until the database server is restarted)
0 used to be used as the number of seconds a client would be denied after they make a request, but ever since since the transition to Redis, we've been using this number as a value for "key expiration". In Redis, if this this value is set to 0, it is actually setting the key to never expire.
Expected behavior should see setting 0 to mean "no rate limiting".
Setting the request rate limit to
0will actually keep the client's IP in the rate limit database with no expiration, forever keeping it from ever making a request again after the first one is made. (at least until the database server is restarted)0used to be used as the number of seconds a client would be denied after they make a request, but ever since since the transition to Redis, we've been using this number as a value for "key expiration". In Redis, if this this value is set to0, it is actually setting the key to never expire.Expected behavior should see setting
0to mean "no rate limiting".