# limiting requests, reject: 429 Too Many Requests

- **ID:** `nginx/limit-req-rejected-request`
- **Domain:** nginx
- **Category:** runtime_error
- **Error Code:** `429`
- **Verification:** ai_generated
- **Fix Rate:** 85%

## Root Cause

The client has exceeded the rate limit defined by the limit_req_zone and limit_req directives, resulting in a 429 status code.

## Version Compatibility

| Version | Status | Introduced | Deprecated |
|---------|--------|------------|------------|
| nginx 1.24.0 | active | — | — |
| nginx 1.22.1 | active | — | — |
| nginx 1.20.2 | active | — | — |

## Workarounds

1. **Increase the rate limit in the http block: 'limit_req_zone $binary_remote_addr zone=mylimit:10m rate=10r/s;' and adjust the location block: 'limit_req zone=mylimit burst=20 nodelay;' to allow bursts.** (90% success)
   ```
   Increase the rate limit in the http block: 'limit_req_zone $binary_remote_addr zone=mylimit:10m rate=10r/s;' and adjust the location block: 'limit_req zone=mylimit burst=20 nodelay;' to allow bursts.
   ```
2. **Use a larger burst size to absorb temporary spikes: 'limit_req zone=mylimit burst=50 nodelay;' and ensure the zone size is sufficient (e.g., 10m for 160k IPs).** (85% success)
   ```
   Use a larger burst size to absorb temporary spikes: 'limit_req zone=mylimit burst=50 nodelay;' and ensure the zone size is sufficient (e.g., 10m for 160k IPs).
   ```
3. **Implement client-side retry with exponential backoff to avoid hitting the limit, e.g., in JavaScript with a max retries of 3 and delay doubling.** (80% success)
   ```
   Implement client-side retry with exponential backoff to avoid hitting the limit, e.g., in JavaScript with a max retries of 3 and delay doubling.
   ```

## Dead Ends

- **** — worker_connections controls concurrent connections, not request frequency. (90% fail)
- **** — Rate limiting occurs at the request level, not the body reading phase. (85% fail)
- **** — This removes protection against abuse or DDoS. (10% fail)