Error: Your account is temporarily suspended because of high API rate.
Why am I getting this error?
If you have seen this error, and/or received an email, it is because you have generated more than:
-
1000 profiles/day
-
100 profiles/hour
Blackfire indeed limits the number of profiles that you can generate over such periods of time.
Why is Blackfire limiting the number of profiles?
Blackfire Profiler is built to profile on-demand specific parts of a running application or to run profiles across scenarios triggered upon specific events, such as deploying a new version of an application.
A profile offers in-depth metrics and insights into the code's execution. The trade-off is that it also generates an overhead on the instrumented request. The default behavior of Blackfire is built to avoid profiling end-user requests. End-users are therefore never impacted by the overhead.
The use cases are very different from a monitoring tool. Therefore, even though we do have a profile rate limit in place, the supported use cases should never let you reach such limits.
OK, but I want to understand how code behaves in production without having to profile on-demand!
That is a very important thing indeed! The great part about Blackfire is that it also offers built-in Monitoring features.
Monitoring is a lightweight performance measurement technique that requires no action from developers and warns you if ever something goes wrong. Blackfire Monitoring is fully integrated with Blackfire Profiler, so that profiles are also automatically generated on the most impactful parts of your application.
So, how can I get my account unblocked?
There may be several reasons why you reached the rate limit. You will first need to resolve the issue, then ask the Blackfire team to reset your daily limit (hourly limits are reset automatically every hour).
SDK profiling flood
If you are using the PHP-SDK of Blackfire, you might trigger that much builds from PHP.
Usually, users hitting this error have configured the SDK to profile every request from a site with user traffic. It is recommended to enable the SDK only in specific conditions (query parameter in URL, specific IP, HTTP header, ...).
Profile all requests
The "Profile all requests" feature adds a header to every outgoing HTTP request from your browser, in order to profile it.
Every XHR request will be profiled. If you have a single page making 50 XHR requests, displaying two pages will make you hit the API Rate Limit
This header is also added to every query for assets (Javascript, CSS, WOFF, ...). If your assets are served by PHP, a single page show triggers as much profiles. Suppose you have 30 assets, after 4 pages, you hit the API Rate Limit.
--
Try serving your assets without PHP (static file, directly).
It will add a lot of performance to your site.
--