Temporary Domain Rate Limit


#1

We are a medium sized webhosting provider in the UK and a feature we provide to customers is the ability to generate a temporary domain in the form of a subdomain, where the customer can use this to develop their site and move it across to a registered domain name when the development stage is complete.
An example of this is username-generatedstring.temp-dns.com.

We ran in to rate limit issues on the first day of testing LE in our environment due to the number of subdomains we have under the temp-dns.com remit and we have customers chasing us up for an answer to this.

Is there any way we can request a rate limit increase on this domain? I can confirm it’s only used for this purpose and proof of ownership can be provided if required.


#2

https://letsencrypt.org/docs/rate-limits/

You can, but the form is processed on a time scale of weeks, not… tomorrow.

You can – and probably should – submit your domain to the Public Suffix List. Doing so would cause web browsers – and Let’s Encrypt – to treat your domain more like a TLD. For example, customers would be unable to see each other’s HTTP cookies, and Let’s Encrypt would consider each customer separate for domain rate limiting purposes.

https://publicsuffix.org/submit/

However, new Public Suffix List submissions also take some weeks to percolate down to the Let’s Encrypt production rate limiting system. :slight_frown:

Edit: I almost forgot. Adding your domain to the Public Suffix List may be impractical if you host some of your own services on subdomains and do need to share things like cookies across them. But, in my opinion, it would be better to reorganize your stuff and still go forward with the PSL.


#3

I submitted an entry to the Google form on 18th April, however we hadn’t heard anything back. I’ve resubmitted this now with updated figures just in case.

I have also since submitted a PR to the PSL.

Thanks for the info. :slight_smile:


#4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.