: Should I return a 429 or 503 status code to a bot? We are doing some work to block excessive bots. We are throttling requests based on IP. In the past, using IIS, we have returned a 503
We are doing some work to block excessive bots. We are throttling requests based on IP. In the past, using IIS, we have returned a 503 error to the client. Someone suggested that a 429 is more appropriate. I am trying to figure out which one I should use and why. When I searched this site for 429, I found nothing.
I found these definitions of HTTP Status Codes on Wikipedia:
429 Too Many Requests The user has sent too many requests in a given
amount of time. Intended for use with rate limiting schemes.
503 Service Unavailable The server is currently unavailable (because
it is overloaded or down for maintenance). Generally, this is a
temporary state.
It seems that the 429 is more appropriate to serve to an offending bot. Is this correct?
More posts by @Pierce454
1 Comments
Sorted by latest first Latest Oldest Best
503 Unavailable is intended for all users (Downtime for XYZ).
429 Is intended for users and machines that request too many threads (Requests).
You should use status 429 as this implies that it is intended for that user and other users may not be affected. Furthermore the better status would be 403 Forbidden if your blocking on IP addresses as this implies that they are forbidden while 429 is normally associated with a temporary block. So you should use status 429 on machines requesting too much data as a temporary issue as you don't want to 403 legit users.
Terms of Use Create Support ticket Your support tickets Stock Market News! © vmapp.org2024 All Rights reserved.