IP Blocked Because of Ridiculously Excessive Traffic

My domain is: point2value.com

I ran this command: curl -v https://acme-v02.api.letsencrypt.org/directory

It produced this output:
VERBOSE: GET https://acme-v02.api.letsencrypt.org/directory with 0-byte payload
curl : {“type”: “urn:ietf:params:acme:error:rateLimited”, “detail”: "Your IP, 40.117.152.218, has been blocked due to
ridiculously excessive traffic. Once this is corrected you may request this be reviewed on our forum
https://community.letsencrypt.org "}

We had a developer testing scripts to renew our certificate that caused this. Can someone unblock our IP? Thanks!

Hi @SuperTed,

Could you explain more about what the testing script was doing and how you confirmed the problem was fixed? Thanks!

When we update our ssl certificate not only do we have to update our websites, we have to update several other configuration files that use that thumbprint of the new certificate. So we have created powershell scripts to automate this entire process, and part of that process is calling into Let’s Encrypt to renew the cert. I’m assuming our IP was blocked because the developer was running and testing this script to make sure everything was working as expected. That could be the only reason it would be blocked.

Hmm. I'm less confident that the explanation was a single developer testing something manually. We typically only block IPs in this manner when they are sending a great deal of traffic (a "ridiculous" amount in a 24hr period, hundreds of thousands of requests). For reference the block on your IP was added at the end of January, so it wasn't something very recent.

By chance have you ever used the ACME client "cert-manager" for a Kubernetes cluster? If you are certain it was your home rolled PowerShell automation that caused this block can you identify a root cause for why it would generate so much excessive traffic?

Based on your explanation 500K requests is something we certainly would not have done with manual testing. I didn’t even have the server up at the end of January. The IP is from an Azure VM I created only about two months ago - is it possible Azure has given me a static IP that was used previously by someone else?

Very possible! Unfortunately its been too long for me to check the logs to see what the user-agent of the ACME client was in January to help confirm.

I'm comfortable filing a ticket to remove the block on the assumption that you were bit by some unfortunate IP address re-use within Azure. I will update this thread when the change has been made. Thanks for your patience!

1 Like

Thank you very much!

1 Like

Thank you for your patience! This has hit production and the IP is no longer blocked.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.