What to check for "blocked due to ridiculously excessive traffic"

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:triangleleatherworks.com

I ran this command: renew LE ssl

It produced this output: Detail: {"type": "urn:ietf:params:acme:error:rateLimited", "detail": "Your IP, 202.52.146.48, has been blocked due to ridiculously excessive traffic. Once corrected, request a review by emailing unblock-request@letsencrypt.org"}

My web server is (include version): nginx/1.18.0

The operating system my web server runs on is (include version): CloudLinux 7.9 x86_64

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): Plesk Obsidian 18.0.31.3

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

We'are a hosting provider. And this happen to one of our servers.
Which one we have to check first (or step by step) to have troubleshooting about the traffic, that "ridiculously excessive". Once we know the cause, we will immediately take action about it.

1 Like

Welcome to the Let's Encrypt Community :slightly_smiling_face:

Let me request the proper assistance for you. You likely won't receive a response until sometime during the workday on Friday (Pacific Time GMT-7).

@lestaff

Please assist. Thanks much. :slightly_smiling_face:

3 Likes

This is usually a bug in the ACME client you're using, or a serious mis-configuration of it, or both.

That error message is usually only served to IP addresses that have averaged more than two requests/second throughout an entire day, without successfully receiving more than a few certificates.

That means that your ACME client is constantly re-trying failed requests very, very aggressively. In order to avoid hurting our service's performance for other subscribers, we ask that clients pause after a reasonable number of attempts, and also pause if our API starts to return HTTP 429 (Too Many Requests) response codes.

If you've set up some kind of scheduled task to renew certificates, that will be the first place to look. Make sure there isn't a condition that will cause it to run constantly.

It looks like you're using Plesk. In these cases - ACME clients that are packaged inside larger server management or orchestration software - it might be best to check with the software provider to see if they can figure out what's causing this behavior.

7 Likes

Thank you for the responses, @griffin and @JamesLE .
We'll try to check the ones @JamesLE suggest.

6 Likes

Thanks for the prompt response, @JamesLE. :slightly_smiling_face:

3 Likes