Laravel rate limiting returns 429 error despite disabling rate limiting

Question

I'm using a load test tool called Artillery to simulate requests on my Laravel application. By default the Laravel application uses the IP to detect whether it should rate limit or not, so in production the varying IP addresses won't be a problem, but for Artillery this is a problem since the requests are returning 429 errors.

I've tried disabling configureRateLimiting in production, but I'm still getting 429 errors.

Artillery is sending at least 3 requests per second to my api endpoint for at least 2 minutes, and then ramps up to roughly 30 a second for 15 minutes.

What am I missing to disable rate limiting here?

<?php

namespace App\Providers;

use Illuminate\Cache\RateLimiting\Limit;
use Illuminate\Foundation\Support\Providers\RouteServiceProvider as ServiceProvider;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\RateLimiter;
use Illuminate\Support\Facades\Route;

class RouteServiceProvider extends ServiceProvider
{
    /**
     * The path to the "home" route for your application.
     *
     * This is used by Laravel authentication to redirect users after login.
     *
     * @var string
     */
    public const HOME = '/home';

    /**
     * The controller namespace for the application.
     *
     * When present, controller route declarations will automatically be prefixed with this namespace.
     *
     * @var string|null
     */
    // protected $namespace = 'App\\Http\\Controllers';

    /**
     * Define your route model bindings, pattern filters, etc.
     *
     * @return void
     */
    public function boot()
    {
        if (!config('artillery.enabled')) {
            $this->configureRateLimiting();
        }

        $this->routes(function () {
            Route::prefix('api')
                ->middleware('api')
                ->namespace($this->namespace)
                ->group(base_path('routes/api.php'));

            Route::middleware('web')
                ->namespace($this->namespace)
                ->group(base_path('routes/web.php'));
        });
    }

    /**
     * Configure the rate limiters for the application.
     *
     * @return void
     */
    protected function configureRateLimiting()
    {
        if (config('artillery.enabled')) {
            return;
        }

        RateLimiter::for('api', function (Request $request) {
            return Limit::perMinute(300)->by(optional($request->user())->id ?: $request->ip());
        });
    }
}

My site goes through Cliudflare and I'm sending requests to my production endpoint since this is the most realistic test.