Exact response of DigitalOcean Firewall to repeated identical requests


I have a web server with its own iptables firewall. I’ve recently added a DigitalOcean Cloud Firewall as an additional layer of protection, particularly for SSH which is now only accessible via a bastion.

Cloud Firewall config


<redacted non-standard SSH port> bastion-only 80, all IPs, TCP 443, all IPs, TCP


<redacted, hopefully not relevant>


I host an app which is embedded in a major eCommerce platform. That embedding process means that customers, when logging into their stores on that platform, may submit to me an expired access token. I reallocate the token, respond and they resubmit. Because it’s iframed and brokered by the eCommerce platform, this can legitimately happen several times in a row (4 legit requests) that eventually culminate in a successful login.


I think there’s a setting in the Cloud Firewall that’s reacting to the repeated submission of the same request (identical URL and HTTP method) from the same sender. I think it’s delaying the packets by something like 60 seconds.

Testing process

To verify this, I conducted this test:

  • Add DO firewall
  • Test embedded app speed, verify slow.
  • Remove DO firewall
  • Test embedded app speed, verify fast.

I repeated this 5 fives in order to come to my conclusion. It supports but does not prove my assertion.


  1. Can anyone with inside knowledge (hello DO!) verify this how the Cloud Firewall is configured?
  2. Can anyone advise on any configuration changes I can make, short of removing the Cloud Firewall altogether, to stop it slowing down these false-positives please?

Similar questions

I’ve looked at this question, but it seems to be unrelated:


Hi Matt, I’ve been pretty patient on this one, but I now need a reaponse as I have to migrate my production estate to use DigitalOcean Firewalls. I’m fairly certain that the natural Oauth handshaking for the eCommerce platform that I’m using is causing the DO firewall to block legitimate requests. I need my firewalls to stop blocking this or I have to find another platform, which after months of effort (and years with DO) I’m disinclined to do. I’d appreciate a quick reponse. Cheers, Alex

Hi there @alexstanhope,

I’ve reported this internally so that it can be looked into and will keep you updated as I get more information.

Hope that helps! - Matt.

Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Hey @alexstanhope,

Sorry for the incredibly long delay here! :/

Our network team have just replied on our internal ticket and aren’t really sure what’s going on with the details you’ve given.

They’re asking if you could please create a ticket with our support team so that they can request specific logs from you etc.

Hope that helps, - Matt.