API requests returning 403 #60
Description
Description
Making more than 30 requests results in 403 response on any further requests for an extended period of time (30 seconds or more), which makes it pretty much unusable.
Steps to Reproduce
Make more than 30 API requests over a short period of time.
Expected Behavior
API works at 80 requests per second, as specified at https://metmuseum.github.io
Actual Behavior
Requests after 30th return a 403 response indicating Imperva Incapsula DDoS protection kicking in:
❯ curl -v https://collectionapi.metmuseum.org/public/collection/v1/objects/647671
* Host collectionapi.metmuseum.org:443 was resolved.
* IPv6: (none)
* IPv4: 45.60.134.20
* Trying 45.60.134.20:443...
* schannel: disabled automatic use of client certificate
* ALPN: curl offers http/1.1
* ALPN: server did not agree on a protocol. Uses default.
* Connected to collectionapi.metmuseum.org (45.60.134.20) port 443
* using HTTP/1.x
> GET /public/collection/v1/objects/647671 HTTP/1.1
> Host: collectionapi.metmuseum.org
> User-Agent: curl/8.13.0
> Accept: */*
>
* Request completely sent off
* schannel: server close notification received (close_notify)
< HTTP/1.1 403 Forbidden
< Content-Type: text/html
< Cache-Control: no-cache, no-store
< Connection: close
< Content-Length: 760
< X-Iinfo: 2-38386998-0 0NNN RT(1756724003843 133) q(0 -1 -1 -1) r(0 -1) B15(11,6501148,0) U18
< Set-Cookie: visid_incap_1662004=+nXGE17fSAOSZVfHQLnBvCN7tWgAAAAAQUIPAAAAAAB/HVtmr4u2PTWjrUPIavxE; expires=Mon, 31 Aug 2026 23:15:45 GMT; HttpOnly; path=/; Domain=.metmuseum.org
< Set-Cookie: incap_ses_1288_1662004=6gVhPcIkjCjB4SJRfOXfESN7tWgAAAAAjVGaMJnwFLBbSEiSmA03OQ==; path=/; Domain=.metmuseum.org
<
<html style="height:100%"><head><META NAME="ROBOTS" CONTENT="NOINDEX, NOFOLLOW"><meta name="format-detection" content="telephone=no"><meta name="viewport" content="initial-scale=1.0"><meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"></head><body style="margin:0px;height:100%"><iframe id="main-iframe" src="/_Incapsula_Resource?CWUDNSAI=23&xinfo=2-38386998-0%200NNN%20RT%281756724003843%20133%29%20q%280%20-1%20-1%20-1%29%20r%280%20-1%29%20B15%2811%2c6501148%2c0%29%20U18&incident_id=1288000340550997125-186428046319290498&edet=15&cinfo=0b000000&rpinfo=0&mth=GET" frameborder=0 width="100%" height="100%" marginheight="0px" marginwidth="0px">Request unsuccessful. Incapsula incident ID: 1288000340550997125-186428046319290498</iframe></body></html>* shutting down connection #0
Metadata
Metadata
Assignees
Labels
No labels