При взаимодействии с веб-ресурсами можно столкнуться с различными проблемами. Одна их таких проблем – ошибка с кодом 429 Too Many Requests. Существует две самые распространенные причины возникновения этой ошибки сервера, с которыми нам предстоит разобраться самостоятельно.
Причины появления ошибки сервера 429
DDoS-атаки
Начать следует с того, что чаще всего ошибка 429 сопровождается надписью «The user has sent too many requests in a given amount of time», что означает превышение ограничений по запросам к сайту. Соответственно, именно так происходит предотвращение DDoS-атак, которые и являются основной причиной появления рассматриваемой проблемы. Помимо самого кода, вы увидите и несколько других параметров:
-
Общее количество запросов.
-
Запросы с конкретного IP-адреса в секунду.
-
Количество одновременных запросов.
-
Общее количество запросов с одного IP-адреса.
Если же сама ошибка появляется при использовании поисковых систем или сторонних онлайн-сервисов, которые запрашивают доступ к сайту, вполне возможно, что их блокировка осуществляется со стороны хостинга в связи с тем, что количество запросов превышает ограничение. Для ее решения вам потребуется обратиться напрямую в техническую поддержку с просьбой разрешить подобные запросы.
В случае, когда есть уверенность в том, что ошибка http 429 появилась именно из-за атак на ваш ресурс, советую ознакомиться с отдельным материалом, в котором вы узнаете, как обезопасить себя от DDoS эффективными инструментами и банальными мерами предосторожности.
Подробнее: Способы защиты от DDoS-атаки
Некорректная работа плагинов WordPress
Вторая распространенная причина, которая может быть связана с регулярным появлением неполадки 429, – некорректное функционирование плагинов под управлением CMS WordPress. Для решения этой проблемы потребуется выполнить несколько несложных действий.
Для начала по очереди отключайте каждый установленный скрипт через меню управления этими компонентами. Параллельно проверяйте, появляется ли ошибка. Да, на выполнение этой задачи может уйти много времени, однако это самый эффективный метод выявления плагина, который является триггером. Отметим, что сразу несколько компонентов могут вызывать проблему, поэтому постарайтесь проверить их все.
Что касается использования плагинов, то тут всегда лучше подключать только проверенные и качественные решения. Со списком таких плагинов предлагаю ознакомиться в материале по следующей ссылке.
Если после проверки неполадка все еще не исчезла, переключитесь на стандартную тему WordPress, которая называется Twenty Seventeen. Это действие поможет понять, связана ли ошибка сервера 429 со скриптами, которые входят в пользовательский шаблон оформления сайта. В том случае, когда трудность действительно была связана с темой, придется переделать ее вручную или же подыскать новый вариант для своего веб-ресурса.
Действия со стороны обычного пользователя
Обычный пользователь, который сталкивается с неполадкой 429 при попытке просмотреть конкретный сайт, не сможет ничего предпринять самостоятельно, чтобы решить ее. Однако, если есть возможность, стоит обратиться напрямую к владельцу интернет-ресурса или администраторам, сообщив им о появившейся ошибке. Так вы дадите понять, что сайт работает не так, как это нужно, и ускорите процесс решения трудностей.
Ошибка HTTP с кодом 429 – неприятная ситуация, которая может коснуться каждого владельца сайта. Из приведенного выше материала вы поняли, что существует две основные причины, которые могут ее вызывать. Теперь остается только разобраться с каждой из них и провести проверочные работы, чтобы оперативно исправить сложившуюся ситуацию.
Sooner or later, every website runs into a bug or error that’s difficult to troubleshoot. Often, that’s because the error itself doesn’t give you many details. The 429 Too Many Requests error is one such example.
We know what its most common causes are, fortunately. Since there are several potential culprits, however, you’ll often need to try more than one fix before you can resolve it.
In this article, we’re going to talk about what causes the 429 Too Many Requests error and what it looks like. Then we’ll go over five ways you can troubleshoot your website if you ever run into this particular issue. Let’s get to work!
- What is the HTTP 429 Error
- What Causes the 429 Too Many Requests Error
- How to Fix the 429 Too Many Requests Error (5 Methods)
How to Fix 429 Too Many Requests in WordPress:
You’re receiving the 429 Too Many Requests error message because the user has sent too many requests in a given amount of time (could be a plugin, a DDos, or something else). It’s a server telling you to please stop sending requests.
To fix it in WordPress, try one of these 5 methods:
- Change your WordPress default login URL
- Check whether your HTTPS internal links are causing the issue
- Deactivate all your WordPress plugin
- Switch to a default WordPress theme
- Contact your hosting provider
What is the HTTP 429 Error?
The HTTP 429 error is returned when a user has sent too many requests within a short period of time. The 429 status code is intended for use with rate-limiting schemes.
Check Out Our Video Guide to the 429 Too Many Requests Error
What Causes the HTTP 429 Too Many Requests Error
In some cases, when your server detects that a user agent is trying to access a specific page too often in a short period of time, it triggers a rate-limiting feature. The most common example of this is when a user (or an attacker) repeatedly tries to log into your site.
However, your server may also identify users with cookies, rather than by their login credentials. Requests may also be counted on a per-request basis, across your server, or across several servers. So there are a variety of situations that can result in you seeing an error like one of these:
- 429 Too Many Requests
- 429 Error
- HTTP 429
- Error 429 (Too Many Requests)
The error may also include additional details regarding the reason for the 429 status code, and how long the user must wait before attempting to log in again. Here’s an example of what that might look like:
HTTP/1.1 429 Too Many Requests
Content-type: text/html
Retry-After: 3600
<html>
<head>
<title>Too Many Requests</title>
</head>
<body>
<h1>Too Many Requests</h1>
<p>I only allow 50 requests per hour to this website per logged in user. Try again soon. </p>
</body>
</html>
Regardless of how the error appears, it always means the same thing – there’s a user or a snippet of code that’s overwhelming your server with too many requests. Sometimes, the problem can go away on its own. In other situations, such as those caused by issues with a plugin or Denial of Service (DDoS) attacks, you’ll need to be proactive in order to resolve the error.
The problem is that the 429 error most often affects your login page, which can make it impossible for you to access your website’s dashboard. That can make fixing it a little tricky, but it’s still achievable if you know what to try.
How to Fix the 429 Too Many Requests Error (5 Methods)
As you might imagine, we deal with a lot of WordPress support requests due to the nature of the services we offer. That means we’re intimately familiar with the 429 error, and its many potential causes.
In the following sections, we’ll cover five of the most common causes we’ve seen for the 429 Too Many Requests error in WordPress. For each potential issue, we’ll also teach you how to go about fixing it, so you can get your site back up and running quickly.
1. Change Your WordPress Default Login URL
Brute-force login attempts are one of the leading causes of the 429 error on WordPress websites. One quick way to prevent attackers from trying to break through your WordPress login page is to change its URL from the default option, so they can’t find it in the first place.
By default, you can find your login page by navigating to yourwebsite.com/wp-admin. That’s pretty easy to remember, but it’s also downright insecure since everyone on the web will know exactly where to access it.
The easiest way to change your default WordPress URL is by using the free WPS Hide Login plugin:
Let’s walk through the process of using this particular tool. You’ll first want to install and activate the plugin just as you would any other, and then navigate to the Settings > WPS Hide Login tab in your WordPress dashboard:
Here, you can easily change your login URL by typing in whatever extension you’d like to use. Make sure to stay away from easy-to-guess options such as login, wp-login, and so on. This would defeat the purpose of changing your URL in the first place, so you’ll want to come up with something unique to your site.
Note that this plugin also enables you to redirect users who try to access your old login URL to another page. For example, the default option will show anyone who tries to visit /wp-admin a 404 error page, so they’ll know they’re looking in the wrong place. When you’re done, remember to save the changes to your settings, and you’ll be good to go.
2. Disable the Really Simple SSL Plugin and Replace Your Internal Links
These days, there’s no good reason you shouldn’t have a Secure Sockets Layer (SSL) certificate set up for your website. Likewise, your entire website should load over HTTPS. This is far more secure than using the older HTTP protocol, and it can even have a positive effect on your site’s Search Engine Optimization (SEO).
When it comes to enforcing HTTPS use, you can either use the manual route – such as an .htaccess redirect – or a plugin. One of the most popular choices is Really Simple SSL:
This plugin’s appeal is that it forces your entire website to load over HTTPS with just a couple of clicks. However, in our experience, it can also lead to occasional bugs. For instance, under some circumstances, it can trigger the 429 error we’ve been talking about.
There’s nothing inherently wrong with this plugin, but it’s definitely not the best way to implement HTTPS use. The problem is that, even if you implement HTTPS manually, you’re still left with the problem of what to do about internal links. Chances are there are a lot of internal links throughout your website, so you’ll need to find a way to replace all of them with their HTTPS versions after disabling the plugin.
First, you’ll want to take care of the plugin itself. If you have access to the WordPress admin area, disabling Really Simple SSL shouldn’t be an issue – just hit Deactivate and you’re done:
However since the 429 Too Many Requests Error often blocks you from accessing your dashboard, you might have to take the manual route and disable the plugin using an FTP client.
Either way, once the Really Simple SSL plugin is gone, the 429 error should be resolved. That means you can access your dashboard to set up a new plugin, which will help you replace all of your internal links in one swoop. That plugin is called Search and Replace:
Go ahead and activate the plugin, then navigate to the Tools > Search & Replace tab in WordPress. Inside, select the wp_postmeta table, and then enter the following parameters alongside the Search for and Replace with fields respectively:
If your site uses a non-www domain:
http://yourwebsiteurl.com
https://yourwebsiteurl.com
In some cases, there may be www instances of your domain in the database as well, so we also recommend running another search and replace with the settings below.
http://www.yourwebsiteurl.com
https://yourwebsiteurl.com
If your site uses a www domain:
http://www.yourwebsiteurl.com
https://www.yourwebsiteurl.com
To replace non-www instances of your domain in the database, run another search and replace with the settings below:
http://www.yourwebsiteurl.com
https://yourwebsiteurl.com
Then select the dry run option, which will let you know how many instances of your HTTP URLs the plugin will replace within your database. After that dry run, execute the plugin for real and it will replace all the necessary links.
Keep in mind that after disabling the Really Simple SSL plugin, you’ll also need to set up a site-wide HTTPS redirect using your .htaccess file. This will enable you to implement HTTPS effectively, without the risk of further 429 errors.
3. Temporarily Deactivate All of Your WordPress Plugins
So far, we’ve focused on a single plugin that may cause the 429 error. However, in practice, any plugin could cause this issue if it makes too many external requests. If neither of the above methods leads to a solution in your case, it may be time to try disabling all of your plugins at once, to ensure that they aren’t the problem.
For this section, we’ll assume you don’t have access to your dashboard and can’t disable plugins the usual way. In that case, you’ll need to access your website via FTP using a client such as Filezilla, and navigate to the public_html/wp-content/ directory.
Inside, there should be several folders, one of which is called plugins:
Right click on that folder, and change its name to something else, such as plugins.deactivated. Once you do that, WordPress won’t be able to ‘find’ any of the plugins, and it will automatically deactivate all of them. However, before you try to access your site again, go ahead and create a new empty folder called plugins, so WordPress will still function as normal.
If the 429 error is gone when you next visit your site, you can assume that one of the plugins you turned off was the culprit. That means you need to narrow down which one caused the problem. To do that, you’ll want to:
- Delete the empty plugins directory you set up a minute ago, and restore the previous folder to its original name.
- Access the plugins directory.
- Rename one of the plugin folders within to anything else, which will deactivate only that specific plugin.
- Try to access your website, and see if the 429 error is gone.
- If the error persists, return that plugin folder to its original name and repeat steps 3 and 4 with the next one.
By moving down your list of active plugins one by one, you should eventually discover which one is the culprit. Once you figure out which plugin is behind the 429 Too Many Requests error, you can delete it altogether, which should fix the issue.
4. Switch to a Default WordPress Theme
If it turns out that a plugin isn’t the cause of your 429 error, it’s possible that your active theme might be at fault. To figure out if that’s the case, you can disable your active theme manually, forcing WordPress to switch to one of the default templates that ships with the CMS.
This process works much the same as disabling plugins manually. You’ll want to launch your trusty FTP client once more, and this time navigate to the public_html/wp-content/themes directory. Once there, look for the folder that corresponds to your active theme and rename it to anything else you want.
If you try to access your website after that, the 429 Too Many Requests error should be gone. You’ll also notice that everything looks quite a bit different. Don’t panic, though, your theme and all of its customizations are still there.
All you need to do is return the theme folder to its original name and activate it once more. If the 429 error returns afterward, then you might need to contact the theme’s developers or consider changing your site’s theme and delete it eventually.
5. Contact Your Host If You Still Can’t Resolve the Error
In some instances, it’s possible that the cause behind the 429 error originated with your server, rather than with your website itself. If this is the case for you, no amount of work on your part will be able to fully resolve the problem.
For example, some web hosts will block requests from specific third-party services or platforms. These can include search engines, crawlers, and other apps (such as Google Search Console) that make large numbers of requests to your website.
Contacting your hosting provider and asking them to allow these requests can solve the issue. Additionally, even if limitations placed on your server by your host aren’t the cause of the problem, they may be able to provide valuable insight and advice that can help you find the correct solution.
Getting the 429 Too Many Requests error message? That’s a bummer but don’t despair, we’ve got you covered with our guide!😭🤗Click to Tweet
Summary
Encountering an error on your website is always frustrating. However, as far as errors go, those with number codes at least give you enough information to start fixing them. If you run into the 429 Too Many Requests error, you’ll know that something is overwhelming your server with too many requests, so it’s only a matter of identifying what the source of the problem is.
If you do happen to experience the 429 error, here are five ways you can go about troubleshooting it:
- Change your default WordPress login URL.
- Disable the Really Simple SSL plugin.
- Temporarily deactivate all of your WordPress plugins.
- Switch to a default WordPress theme.
- Contact your host if you still can’t resolve the error.
Do you have any questions about how to fix the 429 Too Many Requests error in WordPress? Let’s talk about them in the comments section below!
Код ошибки 429 Too Many Requests говорит о том, что пользователь отправлял чересчур много запросов за единицу времени. Возвращаемый сервером ответ содержит пояснение, а также может включать заголовок Retry-After. Этот заголовок указывает на время, которое необходимо подождать, прежде чем повторять запрос.
О чем свидетельствует «код 429»
Причина появления ответа с кодом 429 — большое количество запросов, которые посылают пользователи, но чаще — поисковики, боты или специальные скрипты. Возврат ошибки 429 — это способ предотвращения DDoS-атак. При выдаче ошибки учитываются такие параметры, как:
- количество элементов в запросе;
- количество запросов в секунду с одного IP-адреса;
- количество одновременных запросов с одного IP-адреса (то есть запросов, посылаемых до получения ответа на предыдущий идентичный запрос);
- общее количество одинаковых запросов с IP-адреса.
Что делать пользователю, когда в браузере появляется код ошибки «429 too many requests»
Если такое сообщение появилось явно по ошибке, свяжитесь с технической поддержкой сайта. Зачастую виновником выступает некорректно работающий плагин CMS WordPress. Если вы являетесь владельцем сайта, а ваши пользователи регулярно жалуются на возникновение ошибки 429, для того, чтобы понять, так ли это, отключите все плагины на вашем сайте и проверяйте их работу по очереди.
Причины возникновения кода «429»
Причина практически всегда состоит в том, что сайт пытаются атаковать с помощью DDoS. Изредка возможно возникновение подобной ошибки из-за некорректной работы компонентов сайта.
Вас также может заинтересовать
Sooner or later, every website runs into a bug or error that’s difficult to troubleshoot. Often, that’s because the error itself doesn’t give you many details. The 429 Too Many Requests error is one such example.
We know what its most common causes are, fortunately. Since there are several potential culprits, however, you’ll often need to try more than one fix before you can resolve it.
In this article, we’re going to talk about what causes the 429 Too Many Requests error and what it looks like. Then we’ll go over five ways you can troubleshoot your website if you ever run into this particular issue. Let’s get to work!
- What is the HTTP 429 Error
- What Causes the 429 Too Many Requests Error
- How to Fix the 429 Too Many Requests Error (5 Methods)
How to Fix 429 Too Many Requests in WordPress:
You’re receiving the 429 Too Many Requests error message because the user has sent too many requests in a given amount of time (could be a plugin, a DDos, or something else). It’s a server telling you to please stop sending requests.
To fix it in WordPress, try one of these 5 methods:
- Change your WordPress default login URL
- Check whether your HTTPS internal links are causing the issue
- Deactivate all your WordPress plugin
- Switch to a default WordPress theme
- Contact your hosting provider
What is the HTTP 429 Error?
The HTTP 429 error is returned when a user has sent too many requests within a short period of time. The 429 status code is intended for use with rate-limiting schemes.
Check Out Our Video Guide to the 429 Too Many Requests Error
What Causes the HTTP 429 Too Many Requests Error
In some cases, when your server detects that a user agent is trying to access a specific page too often in a short period of time, it triggers a rate-limiting feature. The most common example of this is when a user (or an attacker) repeatedly tries to log into your site.
However, your server may also identify users with cookies, rather than by their login credentials. Requests may also be counted on a per-request basis, across your server, or across several servers. So there are a variety of situations that can result in you seeing an error like one of these:
- 429 Too Many Requests
- 429 Error
- HTTP 429
- Error 429 (Too Many Requests)
The error may also include additional details regarding the reason for the 429 status code, and how long the user must wait before attempting to log in again. Here’s an example of what that might look like:
HTTP/1.1 429 Too Many Requests
Content-type: text/html
Retry-After: 3600
<html>
<head>
<title>Too Many Requests</title>
</head>
<body>
<h1>Too Many Requests</h1>
<p>I only allow 50 requests per hour to this website per logged in user. Try again soon. </p>
</body>
</html>
Regardless of how the error appears, it always means the same thing – there’s a user or a snippet of code that’s overwhelming your server with too many requests. Sometimes, the problem can go away on its own. In other situations, such as those caused by issues with a plugin or Denial of Service (DDoS) attacks, you’ll need to be proactive in order to resolve the error.
The problem is that the 429 error most often affects your login page, which can make it impossible for you to access your website’s dashboard. That can make fixing it a little tricky, but it’s still achievable if you know what to try.
How to Fix the 429 Too Many Requests Error (5 Methods)
As you might imagine, we deal with a lot of WordPress support requests due to the nature of the services we offer. That means we’re intimately familiar with the 429 error, and its many potential causes.
In the following sections, we’ll cover five of the most common causes we’ve seen for the 429 Too Many Requests error in WordPress. For each potential issue, we’ll also teach you how to go about fixing it, so you can get your site back up and running quickly.
1. Change Your WordPress Default Login URL
Brute-force login attempts are one of the leading causes of the 429 error on WordPress websites. One quick way to prevent attackers from trying to break through your WordPress login page is to change its URL from the default option, so they can’t find it in the first place.
By default, you can find your login page by navigating to yourwebsite.com/wp-admin. That’s pretty easy to remember, but it’s also downright insecure since everyone on the web will know exactly where to access it.
The easiest way to change your default WordPress URL is by using the free WPS Hide Login plugin:
Let’s walk through the process of using this particular tool. You’ll first want to install and activate the plugin just as you would any other, and then navigate to the Settings > WPS Hide Login tab in your WordPress dashboard:
Here, you can easily change your login URL by typing in whatever extension you’d like to use. Make sure to stay away from easy-to-guess options such as login, wp-login, and so on. This would defeat the purpose of changing your URL in the first place, so you’ll want to come up with something unique to your site.
Note that this plugin also enables you to redirect users who try to access your old login URL to another page. For example, the default option will show anyone who tries to visit /wp-admin a 404 error page, so they’ll know they’re looking in the wrong place. When you’re done, remember to save the changes to your settings, and you’ll be good to go.
2. Disable the Really Simple SSL Plugin and Replace Your Internal Links
These days, there’s no good reason you shouldn’t have a Secure Sockets Layer (SSL) certificate set up for your website. Likewise, your entire website should load over HTTPS. This is far more secure than using the older HTTP protocol, and it can even have a positive effect on your site’s Search Engine Optimization (SEO).
When it comes to enforcing HTTPS use, you can either use the manual route – such as an .htaccess redirect – or a plugin. One of the most popular choices is Really Simple SSL:
This plugin’s appeal is that it forces your entire website to load over HTTPS with just a couple of clicks. However, in our experience, it can also lead to occasional bugs. For instance, under some circumstances, it can trigger the 429 error we’ve been talking about.
There’s nothing inherently wrong with this plugin, but it’s definitely not the best way to implement HTTPS use. The problem is that, even if you implement HTTPS manually, you’re still left with the problem of what to do about internal links. Chances are there are a lot of internal links throughout your website, so you’ll need to find a way to replace all of them with their HTTPS versions after disabling the plugin.
First, you’ll want to take care of the plugin itself. If you have access to the WordPress admin area, disabling Really Simple SSL shouldn’t be an issue – just hit Deactivate and you’re done:
However since the 429 Too Many Requests Error often blocks you from accessing your dashboard, you might have to take the manual route and disable the plugin using an FTP client.
Either way, once the Really Simple SSL plugin is gone, the 429 error should be resolved. That means you can access your dashboard to set up a new plugin, which will help you replace all of your internal links in one swoop. That plugin is called Search and Replace:
Go ahead and activate the plugin, then navigate to the Tools > Search & Replace tab in WordPress. Inside, select the wp_postmeta table, and then enter the following parameters alongside the Search for and Replace with fields respectively:
If your site uses a non-www domain:
http://yourwebsiteurl.com
https://yourwebsiteurl.com
In some cases, there may be www instances of your domain in the database as well, so we also recommend running another search and replace with the settings below.
http://www.yourwebsiteurl.com
https://yourwebsiteurl.com
If your site uses a www domain:
http://www.yourwebsiteurl.com
https://www.yourwebsiteurl.com
To replace non-www instances of your domain in the database, run another search and replace with the settings below:
http://www.yourwebsiteurl.com
https://yourwebsiteurl.com
Then select the dry run option, which will let you know how many instances of your HTTP URLs the plugin will replace within your database. After that dry run, execute the plugin for real and it will replace all the necessary links.
Keep in mind that after disabling the Really Simple SSL plugin, you’ll also need to set up a site-wide HTTPS redirect using your .htaccess file. This will enable you to implement HTTPS effectively, without the risk of further 429 errors.
3. Temporarily Deactivate All of Your WordPress Plugins
So far, we’ve focused on a single plugin that may cause the 429 error. However, in practice, any plugin could cause this issue if it makes too many external requests. If neither of the above methods leads to a solution in your case, it may be time to try disabling all of your plugins at once, to ensure that they aren’t the problem.
For this section, we’ll assume you don’t have access to your dashboard and can’t disable plugins the usual way. In that case, you’ll need to access your website via FTP using a client such as Filezilla, and navigate to the public_html/wp-content/ directory.
Inside, there should be several folders, one of which is called plugins:
Right click on that folder, and change its name to something else, such as plugins.deactivated. Once you do that, WordPress won’t be able to ‘find’ any of the plugins, and it will automatically deactivate all of them. However, before you try to access your site again, go ahead and create a new empty folder called plugins, so WordPress will still function as normal.
If the 429 error is gone when you next visit your site, you can assume that one of the plugins you turned off was the culprit. That means you need to narrow down which one caused the problem. To do that, you’ll want to:
- Delete the empty plugins directory you set up a minute ago, and restore the previous folder to its original name.
- Access the plugins directory.
- Rename one of the plugin folders within to anything else, which will deactivate only that specific plugin.
- Try to access your website, and see if the 429 error is gone.
- If the error persists, return that plugin folder to its original name and repeat steps 3 and 4 with the next one.
By moving down your list of active plugins one by one, you should eventually discover which one is the culprit. Once you figure out which plugin is behind the 429 Too Many Requests error, you can delete it altogether, which should fix the issue.
4. Switch to a Default WordPress Theme
If it turns out that a plugin isn’t the cause of your 429 error, it’s possible that your active theme might be at fault. To figure out if that’s the case, you can disable your active theme manually, forcing WordPress to switch to one of the default templates that ships with the CMS.
This process works much the same as disabling plugins manually. You’ll want to launch your trusty FTP client once more, and this time navigate to the public_html/wp-content/themes directory. Once there, look for the folder that corresponds to your active theme and rename it to anything else you want.
If you try to access your website after that, the 429 Too Many Requests error should be gone. You’ll also notice that everything looks quite a bit different. Don’t panic, though, your theme and all of its customizations are still there.
All you need to do is return the theme folder to its original name and activate it once more. If the 429 error returns afterward, then you might need to contact the theme’s developers or consider changing your site’s theme and delete it eventually.
5. Contact Your Host If You Still Can’t Resolve the Error
In some instances, it’s possible that the cause behind the 429 error originated with your server, rather than with your website itself. If this is the case for you, no amount of work on your part will be able to fully resolve the problem.
For example, some web hosts will block requests from specific third-party services or platforms. These can include search engines, crawlers, and other apps (such as Google Search Console) that make large numbers of requests to your website.
Contacting your hosting provider and asking them to allow these requests can solve the issue. Additionally, even if limitations placed on your server by your host aren’t the cause of the problem, they may be able to provide valuable insight and advice that can help you find the correct solution.
Getting the 429 Too Many Requests error message? That’s a bummer but don’t despair, we’ve got you covered with our guide!😭🤗Click to Tweet
Summary
Encountering an error on your website is always frustrating. However, as far as errors go, those with number codes at least give you enough information to start fixing them. If you run into the 429 Too Many Requests error, you’ll know that something is overwhelming your server with too many requests, so it’s only a matter of identifying what the source of the problem is.
If you do happen to experience the 429 error, here are five ways you can go about troubleshooting it:
- Change your default WordPress login URL.
- Disable the Really Simple SSL plugin.
- Temporarily deactivate all of your WordPress plugins.
- Switch to a default WordPress theme.
- Contact your host if you still can’t resolve the error.
Do you have any questions about how to fix the 429 Too Many Requests error in WordPress? Let’s talk about them in the comments section below!
Get all your applications, databases and WordPress sites online and under one roof. Our feature-packed, high-performance cloud platform includes:
- Easy setup and management in the MyKinsta dashboard
- 24/7 expert support
- The best Google Cloud Platform hardware and network, powered by Kubernetes for maximum scalability
- An enterprise-level Cloudflare integration for speed and security
- Global audience reach with up to 35 data centers and 275+ PoPs worldwide
Test it yourself with $20 off your first month of Application Hosting or Database Hosting. Explore our plans or talk to sales to find your best fit.
Sooner or later, every website runs into a bug or error that’s difficult to troubleshoot. Often, that’s because the error itself doesn’t give you many details. The 429 Too Many Requests error is one such example.
We know what its most common causes are, fortunately. Since there are several potential culprits, however, you’ll often need to try more than one fix before you can resolve it.
In this article, we’re going to talk about what causes the 429 Too Many Requests error and what it looks like. Then we’ll go over five ways you can troubleshoot your website if you ever run into this particular issue. Let’s get to work!
- What is the HTTP 429 Error
- What Causes the 429 Too Many Requests Error
- How to Fix the 429 Too Many Requests Error (5 Methods)
How to Fix 429 Too Many Requests in WordPress:
You’re receiving the 429 Too Many Requests error message because the user has sent too many requests in a given amount of time (could be a plugin, a DDos, or something else). It’s a server telling you to please stop sending requests.
To fix it in WordPress, try one of these 5 methods:
- Change your WordPress default login URL
- Check whether your HTTPS internal links are causing the issue
- Deactivate all your WordPress plugin
- Switch to a default WordPress theme
- Contact your hosting provider
What is the HTTP 429 Error?
The HTTP 429 error is returned when a user has sent too many requests within a short period of time. The 429 status code is intended for use with rate-limiting schemes.
Check Out Our Video Guide to the 429 Too Many Requests Error
What Causes the HTTP 429 Too Many Requests Error
In some cases, when your server detects that a user agent is trying to access a specific page too often in a short period of time, it triggers a rate-limiting feature. The most common example of this is when a user (or an attacker) repeatedly tries to log into your site.
However, your server may also identify users with cookies, rather than by their login credentials. Requests may also be counted on a per-request basis, across your server, or across several servers. So there are a variety of situations that can result in you seeing an error like one of these:
- 429 Too Many Requests
- 429 Error
- HTTP 429
- Error 429 (Too Many Requests)
The error may also include additional details regarding the reason for the 429 status code, and how long the user must wait before attempting to log in again. Here’s an example of what that might look like:
HTTP/1.1 429 Too Many Requests
Content-type: text/html
Retry-After: 3600
<html>
<head>
<title>Too Many Requests</title>
</head>
<body>
<h1>Too Many Requests</h1>
<p>I only allow 50 requests per hour to this website per logged in user. Try again soon. </p>
</body>
</html>
Regardless of how the error appears, it always means the same thing – there’s a user or a snippet of code that’s overwhelming your server with too many requests. Sometimes, the problem can go away on its own. In other situations, such as those caused by issues with a plugin or Denial of Service (DDoS) attacks, you’ll need to be proactive in order to resolve the error.
The problem is that the 429 error most often affects your login page, which can make it impossible for you to access your website’s dashboard. That can make fixing it a little tricky, but it’s still achievable if you know what to try.
How to Fix the 429 Too Many Requests Error (5 Methods)
As you might imagine, we deal with a lot of WordPress support requests due to the nature of the services we offer. That means we’re intimately familiar with the 429 error, and its many potential causes.
In the following sections, we’ll cover five of the most common causes we’ve seen for the 429 Too Many Requests error in WordPress. For each potential issue, we’ll also teach you how to go about fixing it, so you can get your site back up and running quickly.
1. Change Your WordPress Default Login URL
Brute-force login attempts are one of the leading causes of the 429 error on WordPress websites. One quick way to prevent attackers from trying to break through your WordPress login page is to change its URL from the default option, so they can’t find it in the first place.
By default, you can find your login page by navigating to yourwebsite.com/wp-admin. That’s pretty easy to remember, but it’s also downright insecure since everyone on the web will know exactly where to access it.
The easiest way to change your default WordPress URL is by using the free WPS Hide Login plugin:
Let’s walk through the process of using this particular tool. You’ll first want to install and activate the plugin just as you would any other, and then navigate to the Settings > WPS Hide Login tab in your WordPress dashboard:
Here, you can easily change your login URL by typing in whatever extension you’d like to use. Make sure to stay away from easy-to-guess options such as login, wp-login, and so on. This would defeat the purpose of changing your URL in the first place, so you’ll want to come up with something unique to your site.
Note that this plugin also enables you to redirect users who try to access your old login URL to another page. For example, the default option will show anyone who tries to visit /wp-admin a 404 error page, so they’ll know they’re looking in the wrong place. When you’re done, remember to save the changes to your settings, and you’ll be good to go.
2. Disable the Really Simple SSL Plugin and Replace Your Internal Links
These days, there’s no good reason you shouldn’t have a Secure Sockets Layer (SSL) certificate set up for your website. Likewise, your entire website should load over HTTPS. This is far more secure than using the older HTTP protocol, and it can even have a positive effect on your site’s Search Engine Optimization (SEO).
When it comes to enforcing HTTPS use, you can either use the manual route – such as an .htaccess redirect – or a plugin. One of the most popular choices is Really Simple SSL:
This plugin’s appeal is that it forces your entire website to load over HTTPS with just a couple of clicks. However, in our experience, it can also lead to occasional bugs. For instance, under some circumstances, it can trigger the 429 error we’ve been talking about.
There’s nothing inherently wrong with this plugin, but it’s definitely not the best way to implement HTTPS use. The problem is that, even if you implement HTTPS manually, you’re still left with the problem of what to do about internal links. Chances are there are a lot of internal links throughout your website, so you’ll need to find a way to replace all of them with their HTTPS versions after disabling the plugin.
First, you’ll want to take care of the plugin itself. If you have access to the WordPress admin area, disabling Really Simple SSL shouldn’t be an issue – just hit Deactivate and you’re done:
However since the 429 Too Many Requests Error often blocks you from accessing your dashboard, you might have to take the manual route and disable the plugin using an FTP client.
Either way, once the Really Simple SSL plugin is gone, the 429 error should be resolved. That means you can access your dashboard to set up a new plugin, which will help you replace all of your internal links in one swoop. That plugin is called Search and Replace:
Go ahead and activate the plugin, then navigate to the Tools > Search & Replace tab in WordPress. Inside, select the wp_postmeta table, and then enter the following parameters alongside the Search for and Replace with fields respectively:
If your site uses a non-www domain:
http://yourwebsiteurl.com
https://yourwebsiteurl.com
In some cases, there may be www instances of your domain in the database as well, so we also recommend running another search and replace with the settings below.
http://www.yourwebsiteurl.com
https://yourwebsiteurl.com
If your site uses a www domain:
http://www.yourwebsiteurl.com
https://www.yourwebsiteurl.com
To replace non-www instances of your domain in the database, run another search and replace with the settings below:
http://www.yourwebsiteurl.com
https://yourwebsiteurl.com
Then select the dry run option, which will let you know how many instances of your HTTP URLs the plugin will replace within your database. After that dry run, execute the plugin for real and it will replace all the necessary links.
Keep in mind that after disabling the Really Simple SSL plugin, you’ll also need to set up a site-wide HTTPS redirect using your .htaccess file. This will enable you to implement HTTPS effectively, without the risk of further 429 errors.
3. Temporarily Deactivate All of Your WordPress Plugins
So far, we’ve focused on a single plugin that may cause the 429 error. However, in practice, any plugin could cause this issue if it makes too many external requests. If neither of the above methods leads to a solution in your case, it may be time to try disabling all of your plugins at once, to ensure that they aren’t the problem.
For this section, we’ll assume you don’t have access to your dashboard and can’t disable plugins the usual way. In that case, you’ll need to access your website via FTP using a client such as Filezilla, and navigate to the public_html/wp-content/ directory.
Inside, there should be several folders, one of which is called plugins:
Right click on that folder, and change its name to something else, such as plugins.deactivated. Once you do that, WordPress won’t be able to ‘find’ any of the plugins, and it will automatically deactivate all of them. However, before you try to access your site again, go ahead and create a new empty folder called plugins, so WordPress will still function as normal.
If the 429 error is gone when you next visit your site, you can assume that one of the plugins you turned off was the culprit. That means you need to narrow down which one caused the problem. To do that, you’ll want to:
- Delete the empty plugins directory you set up a minute ago, and restore the previous folder to its original name.
- Access the plugins directory.
- Rename one of the plugin folders within to anything else, which will deactivate only that specific plugin.
- Try to access your website, and see if the 429 error is gone.
- If the error persists, return that plugin folder to its original name and repeat steps 3 and 4 with the next one.
By moving down your list of active plugins one by one, you should eventually discover which one is the culprit. Once you figure out which plugin is behind the 429 Too Many Requests error, you can delete it altogether, which should fix the issue.
4. Switch to a Default WordPress Theme
If it turns out that a plugin isn’t the cause of your 429 error, it’s possible that your active theme might be at fault. To figure out if that’s the case, you can disable your active theme manually, forcing WordPress to switch to one of the default templates that ships with the CMS.
This process works much the same as disabling plugins manually. You’ll want to launch your trusty FTP client once more, and this time navigate to the public_html/wp-content/themes directory. Once there, look for the folder that corresponds to your active theme and rename it to anything else you want.
If you try to access your website after that, the 429 Too Many Requests error should be gone. You’ll also notice that everything looks quite a bit different. Don’t panic, though, your theme and all of its customizations are still there.
All you need to do is return the theme folder to its original name and activate it once more. If the 429 error returns afterward, then you might need to contact the theme’s developers or consider changing your site’s theme and delete it eventually.
5. Contact Your Host If You Still Can’t Resolve the Error
In some instances, it’s possible that the cause behind the 429 error originated with your server, rather than with your website itself. If this is the case for you, no amount of work on your part will be able to fully resolve the problem.
For example, some web hosts will block requests from specific third-party services or platforms. These can include search engines, crawlers, and other apps (such as Google Search Console) that make large numbers of requests to your website.
Contacting your hosting provider and asking them to allow these requests can solve the issue. Additionally, even if limitations placed on your server by your host aren’t the cause of the problem, they may be able to provide valuable insight and advice that can help you find the correct solution.
Getting the 429 Too Many Requests error message? That’s a bummer but don’t despair, we’ve got you covered with our guide!😭🤗Click to Tweet
Summary
Encountering an error on your website is always frustrating. However, as far as errors go, those with number codes at least give you enough information to start fixing them. If you run into the 429 Too Many Requests error, you’ll know that something is overwhelming your server with too many requests, so it’s only a matter of identifying what the source of the problem is.
If you do happen to experience the 429 error, here are five ways you can go about troubleshooting it:
- Change your default WordPress login URL.
- Disable the Really Simple SSL plugin.
- Temporarily deactivate all of your WordPress plugins.
- Switch to a default WordPress theme.
- Contact your host if you still can’t resolve the error.
Do you have any questions about how to fix the 429 Too Many Requests error in WordPress? Let’s talk about them in the comments section below!
Get all your applications, databases and WordPress sites online and under one roof. Our feature-packed, high-performance cloud platform includes:
- Easy setup and management in the MyKinsta dashboard
- 24/7 expert support
- The best Google Cloud Platform hardware and network, powered by Kubernetes for maximum scalability
- An enterprise-level Cloudflare integration for speed and security
- Global audience reach with up to 35 data centers and 275+ PoPs worldwide
Test it yourself with $20 off your first month of Application Hosting or Database Hosting. Explore our plans or talk to sales to find your best fit.
Код ошибки 429 Too Many Requests говорит о том, что пользователь отправлял чересчур много запросов за единицу времени. Возвращаемый сервером ответ содержит пояснение, а также может включать заголовок Retry-After. Этот заголовок указывает на время, которое необходимо подождать, прежде чем повторять запрос.
О чем свидетельствует «код 429»
Причина появления ответа с кодом 429 — большое количество запросов, которые посылают пользователи, но чаще — поисковики, боты или специальные скрипты. Возврат ошибки 429 — это способ предотвращения DDoS-атак. При выдаче ошибки учитываются такие параметры, как:
- количество элементов в запросе;
- количество запросов в секунду с одного IP-адреса;
- количество одновременных запросов с одного IP-адреса (то есть запросов, посылаемых до получения ответа на предыдущий идентичный запрос);
- общее количество одинаковых запросов с IP-адреса.
Что делать пользователю, когда в браузере появляется код ошибки «429 too many requests»
Если такое сообщение появилось явно по ошибке, свяжитесь с технической поддержкой сайта. Зачастую виновником выступает некорректно работающий плагин CMS WordPress. Если вы являетесь владельцем сайта, а ваши пользователи регулярно жалуются на возникновение ошибки 429, для того, чтобы понять, так ли это, отключите все плагины на вашем сайте и проверяйте их работу по очереди.
Причины возникновения кода «429»
Причина практически всегда состоит в том, что сайт пытаются атаковать с помощью DDoS. Изредка возможно возникновение подобной ошибки из-за некорректной работы компонентов сайта.
Вас также может заинтересовать
When browsing the internet, you might run into various unexpected errors: HTTP 500, HTTP 503, HTTP 403, and — of course — HTTP error 429.
HTTP error codes such as 429 are a challenge because they often block you from accessing a website. To make sure you understand and can fix this problem, we’ll go over what “HTTP error 429: Too many requests” means and how to fix it.
HTTP Error 429 is an HTTP response status code that indicates the client application has surpassed its rate limit, or number of requests they can send in a given period of time. Typically, this code will not just tell the client to stop sending requests — it will also specify when they can send another request.
As a website owner, you’ll run into an error message from time to time. Some of these errors will be relatively simple to solve, while others will be more intricate. Take the HTTP error 429 for example.
Image Source
Troubleshooting this error is complicated because it provides few details on what it is or how to solve it. You know something’s wrong and you need to fix it — but you’re not exactly sure what happened or why.
Causes of HTTP Error 429: Too Many Requests
A 429 response is not technically an error — it’s a response from a server, application programming interface (API), or plugin that tells the client application to stop sending requests because they simply don’t have enough resources to accept it at this time.
The client application usually refers to a website or app, but can also refer to individual users like the site admin or a site visitor or hacker.
A 429 error may appear the following ways, with or without the phrase “too many requests”:
-
HTTP error 429
-
HTTP code 429
-
HTTP error code 429
-
HTTP status code 429
-
HTTP response code 429
-
Response code 429
-
429. That’s an error.
-
429 server error
-
There was a problem with the server 429
-
Problem with the server 429
Here are some of the potential causes:
Repeated Requests to the Server
A 429 is often triggered by repeated requests. For instance, if a user is trying to access a page on your website too often in a short period of time, your server may send a 429 error.
Any website or app could experience this error, including Facebook, Etsy, Doordash, Venmo, YouTube, PayPal, Airbnb, Google Search Console, and — of course — WordPress websites (more on how to fix WordPress 429 errors below).
Brute-Force Login Attempts
In the case of a brute-force login attempt, in which a hacker repeatedly tries to log into your site, the 429 error code is an important security measure. It sets a rate limit for additional requests, preventing the brute-force attacker from being successful.
Server Resource Limits
You might also get a 429 error if your website is using up too many resources on a shared hosting server or service. If, for example, more than 50 requests are received from an IP address within one minute, PayPal Sandbox will block that IP for the next five minutes.
While the 429 response may seem punitive, it’s actually a protective measure against users intentionally or accidentally abusing server resources (or an API, plugin, or another service). It’s designed to prevent a backup or overflow of requests that would strain a server, or other service, that is meant to be shared and consumed by many websites and apps. So, by controlling the number and timing of requests, rate limits prevent problems before they arise.
If you are seeing the HTTP 429 error on your site for other reasons, you may need to reduce the number of server requests or API calls you’re making.
How to Fix an HTTP 429 Error
- Wait to send another request.
- Clear your browser’s cache.
- Flush your DNS cache.
- Implement exponential backoff.
Most of the steps below focus on avoiding, rather than retroactively fixing, an HTTP 429 error. Take a look.
1. Wait to send another request.
The simplest way to fix an HTTP 429 error is to wait to send another request. Often, this status code is sent with a “Retry-after” header that specifies a period of time to wait before sending another request. It may specify only a few seconds or minutes.
Here’s an example that asks the client to wait an hour before sending another request.
HTTP/1.1 429 Too Many Requests
Content-Type: text/html
Retry-After: 3600
<html>
<head>
<title>Too Many Requests</title>
</head>
<body>
<h1>Too Many Requests</h1>
<p>Only 100 requests per hour per logged in user is allowed on this website. Try again soon.</p>
</body>
</html>
2. Clear your browser’s cache.
If waiting doesn’t work, try clearing your browser’s cache, which stores your browsing data as well as requests. If you no longer have this data stored in your browser, your next request may go through.
To do so in Chrome:
-
Click CMD + Shift + Delete on Mac or Control + Shift + Delete on Windows.
-
The “Clear browsing data” analog pop up.
-
Click on the Advanced tab.
-
Select the time range and the data you’d like to delete.
-
Click Clear data.
To find instructions for your specific browser, click here.
3. Flush your DNS cache.
Flushing your DNS cache is another option if clearing your browser’s cache doesn’t work. Your computer’s DNS cache saves your domain name server requests so that it can load websites more quickly the next time you access them. Unfortunately, this may result in HTTP error 429 if you’ve made numerous requests before the DNS cache’s time-to-live naturally expires.
To clear your DNS cache on Mac, take the following steps:
-
“Open Finder.
-
Click Applications.
-
Scroll down to the Utilities folder and click it.
-
Open Terminal.
-
In the Terminal window, enter the following command string: sudo dscacheutil -flushcache; sudo killall -HUP mDNSResponder
-
Click enter, then input your admin password.
-
Click enter again.”
Find instructions for more operating systems here.
4. Implement exponential backoff.
If waiting, clearing your cache, or flushing your DNS cache don’t work, look for a “Retry-after” header again. If one is not sent and you don’t know how long to wait before trying, you should implement retries with exponential backoff.
Using this approach, you will not immediately repeat a failed request; instead, you will perform a series of retries with progressively longer wait times between each attempt. When the request is finally accepted, then you will know what wait time or rate is acceptable.
You can do this manually by using an exponential backoff calculator. Here’s how:
-
Access a calculator such as exponentialbackoffcalculator.com.
-
Input a time interval, such as 2 seconds.
-
Input the maximum number of retries or requests you’d like to make.
-
Input an exponential for subsequent requests.
-
Use a manual alarm or timekeeper to make new requests at the resulting timestamps.
Alternatively, if you’re a developer or advanced user, you can add code to implement this approach. For instance, you can use a framework like Celery that comes with a built-in exponential backoff module.
Image Source
The steps discussed above are general fixes for the 429 “Too Many Requests” Error. If you have a WordPress site, then you may need a WordPress-specific solution.
How to Fix HTTP 429 Error on WordPress
If you’re getting an HTTP 429 error on your website, this can pose an issue to you as a WordPress administrator and also hamper your website’s user experience. Here are some tips you can follow:
1. Wait before re-accessing your website.
Your WordPress hosting provider may be receiving too many requests to load your website, resulting in an HTTP 429 error. This is especially likely if you use shared hosting, where your website is only allotted a limited number of resources on the host’s server.
In that case, be patient — the error will resolve on its own. If it keeps happening, however, you might want to upgrade to a dedicated hosting or VPS hosting plan.
You can also try clearing you cache, flushing your DNS cache, and trying exponential backoff during this step.
2. Hide or move your default WordPress login page.
Sometimes, HTTP 429 errors can arise due to cybersecurity attacks such as brute-force attacks on your WordPress login page. You can determine whether you’re under a cybersecurity attack in several ways:
-
Check your traffic sources using a WordPress traffic plugin or a tool such as Google Analytics. If you’re seeing a spike in traffic without a valid reason (such as a marketing or advertising campaign), then you may be under attack.
-
If the traffic source is from an unfamiliar country, that may also be a sign that someone from that location is trying to hack you.
-
If the traffic source is from one specific IP address, that may a sign that a single attacker is trying to login to your backend.
To move your default login page, you only need to change its URL. That can be easily done using the WPS Hide Login plugin.
Here’s how to use it:
-
Install the plugin through your WordPress admin dashboard.
-
Access the plugin’s Settings page.
-
Next to Login URL, add the new slug for your login page.
-
Click Save Changes.
Save the new URL somewhere for safekeeping — the last thing you want is to forget where to login!
3. Deactivate your plugins one-by-one.
If you’re still getting HTTP error 429 after waiting, clearing your cache, and checking for brute force attacks, it’s time to look at the next likely culprit: WordPress plugins.
WordPress plugins offer a wealth of functionality to WordPress website owners, but they can also cause performance issues, including HTTP errors such as 429.
Rather than deactivating them all at once, do so one-by-one so that you can isolate the culprit. Here’s how:
-
On your WordPress dashboard’s sidebar, tap Plugins > Installed Plugins.
-
Click Deactivate on the first plugin.
-
Check to see if this resolves the issue by accessing your website through an incognito window.
-
If not, deactivate the next one until all plugins are deactivated.
-
Activate them one-by-one once you’re finished.
4. Uninstall your custom theme.
If you’re using a custom WordPress theme from a marketplace such as ThemeForest or Envato, that may be the culprit. Make sure you save a backup of your website prior to deactivating the custom theme and temporarily installing a default WordPress theme.
5. Set your own throttling limit for any APIs.
An advanced technique you can try is to set a throttling limit if you’re using APIs on your website. Throttling is the process of limiting the number of requests an application can submit in a given amount of time. If this limit is exceeded, the server or API requests will typically be dropped or fulfilled with cached data.
While this approach is most often used by third-party APIs or platforms to prevent client apps from exceeding their limits, it can also be useful for restricting your own consumption of third-party APIs or server resources.
In fact, you can implement a stricter throttling limit for yourself to prevent going over the limits of a server, API, or other service you’re using. This is an especially good idea if you’re using a costly API, like the Twitter API, and don’t want to exceed your usage policy.
6. Contact your hosting provider.
Contacting your hosting provider is always an option for any error on your website, but it should be one of the last options you try.
If you’ve tried the steps above and are still seeing the 429 error, it’s possible that the cause originated from your server and not your website. It’s also possible that your host blocks requests from specific third-party services or platforms, like Google Search Console, which makes lots of requests to websites. By reaching out to your provider, they may be able to solve the issue or provide valuable insight.
How to Avoid an HTTP 429 Error
The most simple way to avoid this error is to reduce the number of requests made in a short period of time. The server is keeping track of how many requests per time unit you make and will enforce it — leading to a temporary block if exceeded. Some servers send this information in the header, on rare occasions.
And remember, receiving a 429 is not necessarily an error, it’s the server’s way of telling you your rate of requests is too high and not willing to accept those actions.
Though in some instances, the reason for the error may be your server rather than with your website. If that’s the case, nothing you will do from your side will help and you should contact your hosting provider for a resolution.
Resolving the HTTP 429 Error
An HTTP 429 error is common, but can be avoided by paying attention to rate limits set by your server, API, plugin, or more. If you exceed those limits, there are steps you can take to resolve a 429 error. By doing so, you’ll continue to provide visitors with a seamless user experience on your site.
This article was originally published in December 2020 and has been updated for comprehensiveness.
Whether you are a web developer or you are a regular internet user, you might have encountered a 429 error. It means that the website can’t handle the number of requests being sent to it.
For a developer, this error can be hard to resolve because, on many occasions, it doesn’t show what you need to do to fix it.
But if you’re surfing the net as a user and you encounter the error, there could be a hint showing what to do.
In this case, you should wait a bit to make another request. For security reasons, the period of time to wait might not be specified. But if the website proritzes user experience, they’ll show you how much time to wait before making another request.
In this article, I will explain what the 429 error means and how a developer might have implemented it. I will also show what you can do to resolve it as an internet user.
What is the 429 Error?
The 429 error is an HTTP status code. It tells you when the use of an internet resource has surpassed the number of requests it can send within a given period of time.
This error might be shown to you in another form like:
- Error 429
- 429 Too many requests
- 429 (Too many requests)
It all depends on how the administrator in charge of the internet resource customizes it.
In the small app I built to show you how rate limiting is implemented in an Express app, this is how I customized the error:
With this error, the administrators in charge of a website or internet resource are telling you they don’t have enough resources to handle the number of requests you are sending over. This is called “rate limiting”.
What Causes the 429 Error?
The most common cause of the 429 error is not having enough resources to handle so many concurrent requests.
For example, if this error is shown on a hosting server, it could mean that the package you’re using has a limit for the number of requests you can send.
And if the error comes up while making an API request, it means you’ve exceeded the number of requests you can make for a certain period of time.
Also, if a user tries to access a page on a website too often, the server of that website could trigger a rate-limiting feature implemented in it. So, this is a good security measure to put in place in order to prevent attacks from hackers.
For example, this is how you can implement rate limiting in an Express app using the express-rate-limit package:
// Import deps
const express = require("express");
const rateLimit = require("express-rate-limit");
const app = express();
// Port
const port = 4000;
const limiter = rateLimit({
windowMs: 5 * 60 * 1000,
max: 5, // Limits each IP to 5 per 15 minutes
message:
`<h1 style='display:flex; align-items:center; justify-content:center; height:100vh'>
429 - Too many Requests <br> Try again later!
</h1>`,
});
// Apply to all requests
app.use(limiter);
app.get("/", limiter, (req, res) => res.send("Hello World!"));
app.listen(port, () => console.log(`App listening on port ${port}!`));
And when the limit is surpassed for the number of seconds specified, this message gets shown to the user:
What you can do to Resolve the 429 Error
As an internet user, you should wait a bit before making another request. But if the error persists, you should contact the website administrator.
If you’re a web administrator, you should reduce the number of requests you make within the specified time (if any). If you are in control of the limit yourself, you should increase it for a particular period of time.
If the website you’re handling is a WordPress website, one of your plugins or themes might be causing the 429 error. You should disable your site plugins and themes one by one to see which one of them is the cause.
If the error is related to hosting, you should contact the customer care service of your hosting provider.
Conclusion
No website admin wants their server to get clunked up or crash. So, from a technical perspective, the 429 error is not an error. It’s the server’s way of telling you it doesn’t have enough resources to handle the high number of requests you’re making.
Thank you for reading.
Learn to code for free. freeCodeCamp’s open source curriculum has helped more than 40,000 people get jobs as developers. Get started
I am using Azure SignalR with Asp.Net MVC API (with .net framework not .net core) project. I can never connect to Azure’s SignalR service (tried any possible configuration) while everything works fine when signalr is self-hosted.
As I enable CLR exceptions (under Exception Settings pane by checking everything under Common Language Runtime Exceptions) I keep getting the two following errors:
1. System.Net.WebException: ‘The remote server returned an error: (429) Too Many Requests.’
2. System.Net.WebSockets.WebSocketException: ‘Unable to connect to the remote server’.
Inner Exception
WebException: The remote server returned an error: (429) Too Many Requests.
I am using SignalR Free tier but also tried with Standard tier and ended up with the same results.
I keep checking «Connection (max)» graph under «Overview» tab on Azure portal and observing «Server 20, client 0» all the time.
The first time I got the error I assumed I really tried connecting too many times and reached maximum connection/attempt and gave up trying. After some time (approximately 24 hours) I only tried three times and still getting the same exception (429 — too many requests).
This is my configuration (in Startup.cs
):
app.MapAzureSignalR(
"/signalr",
GetType().FullName,
new HubConfiguration
{
// tried all combinations of boolean values below.
EnableDetailedErrors = true,
EnableJSONP = true,
EnableJavaScriptProxies = true
}, options =>
{
options.ConnectionCount = 5; // tried increasing and decreasing that number.
options.ConnectionString = "<my connection string from azure portal signalr service>";
options.AccessTokenLifetime = TimeSpan.FromDays(1); // tried even removing.
}
);
This code runs on my local machine, not on Azure’s AppService. However, it won’t run on AppService either. Because it is easier to debug on local machine, I have been trying on local machine.
I searched on the internet but have not found anything related to my issue.
How do I solve the problem?
EDIT:
I have the following packages installed.
<package id="Microsoft.AspNet.SignalR" version="2.4.1" targetFramework="net472" />
<package id="Microsoft.AspNet.SignalR.Core" version="2.4.1" targetFramework="net472" />
<package id="Microsoft.AspNet.SignalR.JS" version="2.4.1" targetFramework="net472" />
- MiniTool
- MiniTool News Center
- How To Fix HTTP Error 429: Cause And Fixes
By Sarah | Follow |
Last Updated November 27, 2020
The HTTP error 429 occurs frequently on users’ device; it is often followed by a message: Too Many Requests. This will prevent users from accessing the certain page and seeing the information they need. Please read the following content carefully to figure out what does HTTP 429 mean and how to solve the problem in different ways.
HTTP Error 429: Too Many Requests
A lot of users reported the same problem: they come across the HTTP error 429 when trying to access a certain page through a web browser: such as Microsoft Edge, Google Chrome, and Firefox. And the status code 429 is often followed by an error message — too many requests — which will prevent them from getting access to certain information successfully. (You’d better turn to MiniTool Solution for protecting your data well.)
429 too many requests in Google Chrome:
429. That’s an error.
We’re sorry, but you have sent too many requests to us recently. Please try again later. That’s all we know.
If you see this error, it indicates that you have sent too many requests in a given amount of time. During this period of time, the server will not execute any requests or calls that are created at once. Your account will be blocked by the device temporarily for the purpose of decreasing the high volume of server requests sent in a short time.
People want to solve the problem, but they don’t know how because there is not much information offered. In the following content of this page, I will firstly discuss the cause of HTTP 429; then, I will show you the detailed steps to fix the 429 error yourself.
Please read this page if you run into HTTP 404 not found error:
Cause of Error 429
Your program may stop working and your server may slow down when you encounter 429 HTTP error. There are different types of error codes indicating the same 429 problem.
- 429 Error
- HTTP 429
- Too Many Requests
- 429 Too Many Requests
- Error 429 (Too Many Requests)
Everything is fine until you see the 429 error responses from an API. It says you have made too many requests, hitting the rate limit of an API. The HTTP error 429 is actually an HTTP status code; it’s a client error that is sent back from server to signal to inform users that they have reached the rate limit allowed.
Encountering error 429 is a terrible experience, but it doesn’t mean rate limiting is a bad thing. On the contrary, this limit is great; it can protect most consumable APIs from intentional and accidental abuse of services. You should know that the rate limits of widely used APIs including Twitter and Instagram are stricter than others.
How to Fix 429 Too Many Requests in Google Chrome
This part will show you how to settle down error 429 in Google Chrome browser by clearing the caches and browser history.
- Double click on the app icon on desktop to open Google Chrome. (You can also open it by double clicking on the executable file in installation folder or choosing Google Chrome from Start menu.)
- Look for the three dots option in the upper right corner of opening Chrome; it’s used to customize and control Google Chrome.
- Choose Settings from the drop-down menu (it’s the third option from the bottom).
- Scroll down to find the Privacy and security (You can go there directly by clicking Privacy and security in the left sidebar.)
- Click on the first option: Clear browsing data (Clear history, cookies, cache, and more).
- Make sure the Basic tab is selected at the top.
- Check Cookies and other site data and Cached image and files.
- Click on the Clear data button at bottom right and wait for the action to complete itself.
If this method failed, you can try these steps: scroll down to the bottom in the Settings window -> click on the Advanced button to see the drop-down options -> navigate to Reset and clean up section -> try Restore settings to their original defaults or Clean up computer feature.
If you need to recover deleted history on Google Chrome after fixing HTTP error 429, please follow this tutorial:
Extended reading:
How to Resolve WordPress Error 429 Too Many Requests?
About The Author
Position: Columnist
Sarah has been working as an editor at MiniTool since she graduated from university. Sarah aims at helping users with their computer problems such as disk errors and data loss. She feels a sense of accomplishment to see that users get their issues fixed relying on her articles. Besides, she likes to make friends and listen to music after work.
When browsing the internet, you might run into various unexpected errors: HTTP 500, HTTP 503, HTTP 403, and — of course — HTTP error 429.
HTTP error codes such as 429 are a challenge because they often block you from accessing a website. To make sure you understand and can fix this problem, we’ll go over what “HTTP error 429: Too many requests” means and how to fix it.
HTTP Error 429 is an HTTP response status code that indicates the client application has surpassed its rate limit, or number of requests they can send in a given period of time. Typically, this code will not just tell the client to stop sending requests — it will also specify when they can send another request.
As a website owner, you’ll run into an error message from time to time. Some of these errors will be relatively simple to solve, while others will be more intricate. Take the HTTP error 429 for example.
Image Source
Troubleshooting this error is complicated because it provides few details on what it is or how to solve it. You know something’s wrong and you need to fix it — but you’re not exactly sure what happened or why.
Causes of HTTP Error 429: Too Many Requests
A 429 response is not technically an error — it’s a response from a server, application programming interface (API), or plugin that tells the client application to stop sending requests because they simply don’t have enough resources to accept it at this time.
The client application usually refers to a website or app, but can also refer to individual users like the site admin or a site visitor or hacker.
A 429 error may appear the following ways, with or without the phrase “too many requests”:
-
HTTP error 429
-
HTTP code 429
-
HTTP error code 429
-
HTTP status code 429
-
HTTP response code 429
-
Response code 429
-
429. That’s an error.
-
429 server error
-
There was a problem with the server 429
-
Problem with the server 429
Here are some of the potential causes:
Repeated Requests to the Server
A 429 is often triggered by repeated requests. For instance, if a user is trying to access a page on your website too often in a short period of time, your server may send a 429 error.
Any website or app could experience this error, including Facebook, Etsy, Doordash, Venmo, YouTube, PayPal, Airbnb, Google Search Console, and — of course — WordPress websites (more on how to fix WordPress 429 errors below).
Brute-Force Login Attempts
In the case of a brute-force login attempt, in which a hacker repeatedly tries to log into your site, the 429 error code is an important security measure. It sets a rate limit for additional requests, preventing the brute-force attacker from being successful.
Server Resource Limits
You might also get a 429 error if your website is using up too many resources on a shared hosting server or service. If, for example, more than 50 requests are received from an IP address within one minute, PayPal Sandbox will block that IP for the next five minutes.
While the 429 response may seem punitive, it’s actually a protective measure against users intentionally or accidentally abusing server resources (or an API, plugin, or another service). It’s designed to prevent a backup or overflow of requests that would strain a server, or other service, that is meant to be shared and consumed by many websites and apps. So, by controlling the number and timing of requests, rate limits prevent problems before they arise.
If you are seeing the HTTP 429 error on your site for other reasons, you may need to reduce the number of server requests or API calls you’re making.
How to Fix an HTTP 429 Error
- Wait to send another request.
- Clear your browser’s cache.
- Flush your DNS cache.
- Implement exponential backoff.
Most of the steps below focus on avoiding, rather than retroactively fixing, an HTTP 429 error. Take a look.
1. Wait to send another request.
The simplest way to fix an HTTP 429 error is to wait to send another request. Often, this status code is sent with a “Retry-after” header that specifies a period of time to wait before sending another request. It may specify only a few seconds or minutes.
Here’s an example that asks the client to wait an hour before sending another request.
HTTP/1.1 429 Too Many Requests
Content-Type: text/html
Retry-After: 3600
<html>
<head>
<title>Too Many Requests</title>
</head>
<body>
<h1>Too Many Requests</h1>
<p>Only 100 requests per hour per logged in user is allowed on this website. Try again soon.</p>
</body>
</html>
2. Clear your browser’s cache.
If waiting doesn’t work, try clearing your browser’s cache, which stores your browsing data as well as requests. If you no longer have this data stored in your browser, your next request may go through.
To do so in Chrome:
-
Click CMD + Shift + Delete on Mac or Control + Shift + Delete on Windows.
-
The “Clear browsing data” analog pop up.
-
Click on the Advanced tab.
-
Select the time range and the data you’d like to delete.
-
Click Clear data.
To find instructions for your specific browser, click here.
3. Flush your DNS cache.
Flushing your DNS cache is another option if clearing your browser’s cache doesn’t work. Your computer’s DNS cache saves your domain name server requests so that it can load websites more quickly the next time you access them. Unfortunately, this may result in HTTP error 429 if you’ve made numerous requests before the DNS cache’s time-to-live naturally expires.
To clear your DNS cache on Mac, take the following steps:
-
“Open Finder.
-
Click Applications.
-
Scroll down to the Utilities folder and click it.
-
Open Terminal.
-
In the Terminal window, enter the following command string: sudo dscacheutil -flushcache; sudo killall -HUP mDNSResponder
-
Click enter, then input your admin password.
-
Click enter again.”
Find instructions for more operating systems here.
4. Implement exponential backoff.
If waiting, clearing your cache, or flushing your DNS cache don’t work, look for a “Retry-after” header again. If one is not sent and you don’t know how long to wait before trying, you should implement retries with exponential backoff.
Using this approach, you will not immediately repeat a failed request; instead, you will perform a series of retries with progressively longer wait times between each attempt. When the request is finally accepted, then you will know what wait time or rate is acceptable.
You can do this manually by using an exponential backoff calculator. Here’s how:
-
Access a calculator such as exponentialbackoffcalculator.com.
-
Input a time interval, such as 2 seconds.
-
Input the maximum number of retries or requests you’d like to make.
-
Input an exponential for subsequent requests.
-
Use a manual alarm or timekeeper to make new requests at the resulting timestamps.
Alternatively, if you’re a developer or advanced user, you can add code to implement this approach. For instance, you can use a framework like Celery that comes with a built-in exponential backoff module.
Image Source
The steps discussed above are general fixes for the 429 “Too Many Requests” Error. If you have a WordPress site, then you may need a WordPress-specific solution.
How to Fix HTTP 429 Error on WordPress
If you’re getting an HTTP 429 error on your website, this can pose an issue to you as a WordPress administrator and also hamper your website’s user experience. Here are some tips you can follow:
1. Wait before re-accessing your website.
Your WordPress hosting provider may be receiving too many requests to load your website, resulting in an HTTP 429 error. This is especially likely if you use shared hosting, where your website is only allotted a limited number of resources on the host’s server.
In that case, be patient — the error will resolve on its own. If it keeps happening, however, you might want to upgrade to a dedicated hosting or VPS hosting plan.
You can also try clearing you cache, flushing your DNS cache, and trying exponential backoff during this step.
2. Hide or move your default WordPress login page.
Sometimes, HTTP 429 errors can arise due to cybersecurity attacks such as brute-force attacks on your WordPress login page. You can determine whether you’re under a cybersecurity attack in several ways:
-
Check your traffic sources using a WordPress traffic plugin or a tool such as Google Analytics. If you’re seeing a spike in traffic without a valid reason (such as a marketing or advertising campaign), then you may be under attack.
-
If the traffic source is from an unfamiliar country, that may also be a sign that someone from that location is trying to hack you.
-
If the traffic source is from one specific IP address, that may a sign that a single attacker is trying to login to your backend.
To move your default login page, you only need to change its URL. That can be easily done using the WPS Hide Login plugin.
Here’s how to use it:
-
Install the plugin through your WordPress admin dashboard.
-
Access the plugin’s Settings page.
-
Next to Login URL, add the new slug for your login page.
-
Click Save Changes.
Save the new URL somewhere for safekeeping — the last thing you want is to forget where to login!
3. Deactivate your plugins one-by-one.
If you’re still getting HTTP error 429 after waiting, clearing your cache, and checking for brute force attacks, it’s time to look at the next likely culprit: WordPress plugins.
WordPress plugins offer a wealth of functionality to WordPress website owners, but they can also cause performance issues, including HTTP errors such as 429.
Rather than deactivating them all at once, do so one-by-one so that you can isolate the culprit. Here’s how:
-
On your WordPress dashboard’s sidebar, tap Plugins > Installed Plugins.
-
Click Deactivate on the first plugin.
-
Check to see if this resolves the issue by accessing your website through an incognito window.
-
If not, deactivate the next one until all plugins are deactivated.
-
Activate them one-by-one once you’re finished.
4. Uninstall your custom theme.
If you’re using a custom WordPress theme from a marketplace such as ThemeForest or Envato, that may be the culprit. Make sure you save a backup of your website prior to deactivating the custom theme and temporarily installing a default WordPress theme.
5. Set your own throttling limit for any APIs.
An advanced technique you can try is to set a throttling limit if you’re using APIs on your website. Throttling is the process of limiting the number of requests an application can submit in a given amount of time. If this limit is exceeded, the server or API requests will typically be dropped or fulfilled with cached data.
While this approach is most often used by third-party APIs or platforms to prevent client apps from exceeding their limits, it can also be useful for restricting your own consumption of third-party APIs or server resources.
In fact, you can implement a stricter throttling limit for yourself to prevent going over the limits of a server, API, or other service you’re using. This is an especially good idea if you’re using a costly API, like the Twitter API, and don’t want to exceed your usage policy.
6. Contact your hosting provider.
Contacting your hosting provider is always an option for any error on your website, but it should be one of the last options you try.
If you’ve tried the steps above and are still seeing the 429 error, it’s possible that the cause originated from your server and not your website. It’s also possible that your host blocks requests from specific third-party services or platforms, like Google Search Console, which makes lots of requests to websites. By reaching out to your provider, they may be able to solve the issue or provide valuable insight.
How to Avoid an HTTP 429 Error
The most simple way to avoid this error is to reduce the number of requests made in a short period of time. The server is keeping track of how many requests per time unit you make and will enforce it — leading to a temporary block if exceeded. Some servers send this information in the header, on rare occasions.
And remember, receiving a 429 is not necessarily an error, it’s the server’s way of telling you your rate of requests is too high and not willing to accept those actions.
Though in some instances, the reason for the error may be your server rather than with your website. If that’s the case, nothing you will do from your side will help and you should contact your hosting provider for a resolution.
Resolving the HTTP 429 Error
An HTTP 429 error is common, but can be avoided by paying attention to rate limits set by your server, API, plugin, or more. If you exceed those limits, there are steps you can take to resolve a 429 error. By doing so, you’ll continue to provide visitors with a seamless user experience on your site.
This article was originally published in December 2020 and has been updated for comprehensiveness.