Available inall subroutines.

Check if a user is currently within a penalty box (penalized).

For rate limiting purposes, consider using the ratelimit.check_rate and ratelimit.check_rates functions instead, which correctly handle the necessary details.


pb - The penalty box.

entry - The entry to keep track of. Typically client.ip, and any associated metadata. An entry can be, at maximum, 256 bytes long.

Return value

Upon completion, this function returns true if the entry exists in the penalty box (i.e., the client is penalized) or false otherwise.

In the event an error occurs, the default return value is false; therefore errors (via fastly.error) must be handled specifically.


If the given entry is longer than 256 bytes, then false is returned, and fastly.error is set to EINVAL.


The following example will check if the client making the request exists in the given penalty box. If so, the service immediately errors and returns 429 to the client.

penaltybox pbox { }
sub vcl_recv {
if (ratelimit.penaltybox_has(pbox, client.ip)) {
error 429 "Too many requests";