---
title: resp.tarpit
summary: null
url: >-
  https://www.fastly.com/documentation/reference/vcl/functions/miscellaneous/resp-tarpit
---

```
VOID resp.tarpit(INTEGER interval_s, INTEGER chunk_size_bytes?)
```

**Available in:** deliver

Limit the rate at which the response is sent to the client.

[Tarpitting](https://en.wikipedia.org/wiki/Tarpit_(networking)) is an anti-abuse technique designed for situations in which directly closing the connection isn't appropriate. It can also be used to reduce the churn of opening and closing connections on the server side. By forcing a client to wait for every chunk of the response, a tarpit imposes more cost on a potential bad actor than your origin.

Tarpitting is applied only to responses of 4000 bytes or smaller.

## Parameters

`interval_s` - How often the response chunks should be written to the network, in seconds.

`chunk_size_bytes` - The size of the response chunks to send, in bytes. Optional. Defaults to 100 bytes.

## Interaction with shielding

If your service uses [shielding](https://www.fastly.com/documentation/guides/concepts/shielding/), you should ensure that you perform tarpitting only at the _edge_ POP, not at the shield, since a POP acting as a shield is handling a request from another Fastly POP, not from an end user client. The variable `fastly.ff.visits_this_service` can be used to determine whether the current VCL execution is happening on a shield server or not.

## Example

The following example will force the client to wait for 5 seconds before emitting each 1000 bytes of the response.

```vcl
sub vcl_deliver {
  if (fastly.ff.visits_this_service == 0 && resp.status == 403) { 
    resp.tarpit(5, 1000);
  }
}
```