Documentation Index

Fetch the complete documentation index at: https://docs.document360.com/llms.txt

Use this file to discover all available pages before exploring further.

Fair usage policy for bot management

Prev Next

Document360 enforces a fair usage policy for bot management to ensure consistent performance and equitable access for all users. This policy defines rate limiting rules that cap the number of requests any single IP address can make, protecting the platform against Denial of Service (DoS) attacks and preventing resource monopolization.


Fair usage policy details

Document360's fair usage policy applies rate limiting rules to all incoming bot traffic. Rate limiting controls how many requests a single IP address can make within a given time window, protecting the system from overload and ensuring a responsive experience for all users.

Cloudflare complements this process by analyzing bot activity patterns using heuristics and machine learning detection.

Rate limits

Time window Maximum requests per IP address
Per minute 1,500 requests
Per 10 seconds 300 requests

Requests that exceed either threshold will be blocked until the rate limit window resets.

NOTE

If you have specific use cases that may require higher limits, please contact the Document360 support team to discuss your needs and potential solutions.


Best practices

  • Throttle your requests proactively. Design your bot or integration to stay well below the 300-requests-per-10-seconds ceiling. Burst traffic close to the limit increases the risk of triggering Cloudflare's heuristic detection.
  • Distribute requests evenly. Spread API calls across time rather than sending them in bursts. A steady request rate is less likely to be flagged as abusive.
  • Implement exponential back-off. If your integration receives a 429 response, wait before retrying. Use exponential back-off with jitter to avoid retry storms.
  • Isolate bot traffic to a dedicated IP. Where possible, route programmatic requests through a separate IP address to avoid contention with human user traffic.

FAQ

What happens when my bot exceeds the rate limit?

Requests that exceed the limit — either 1,500 per minute or 300 per 10 seconds per IP address — are blocked. Your client will receive a 429 Too Many Requests response until the rate limit window resets.

How does Cloudflare interact with Document360's rate limiting?

Cloudflare operates as an additional layer of protection alongside Document360's own rate limiting rules. It analyses bot activity patterns using heuristics and machine learning, and may block traffic independently if it identifies suspicious patterns — even if the request volume is within the defined thresholds.