diff --git a/.changelog/2808.txt b/.changelog/2808.txt
new file mode 100644
index 00000000000..7a656cd1eb5
--- /dev/null
+++ b/.changelog/2808.txt
@@ -0,0 +1,3 @@
+```release-note:bug
+resource/cloudflare_ruleset: mark `requests_to_origin` required for ratelimit blocks
+```
diff --git a/docs/resources/ruleset.md b/docs/resources/ruleset.md
index a632d570402..bb19333b0da 100644
--- a/docs/resources/ruleset.md
+++ b/docs/resources/ruleset.md
@@ -829,6 +829,10 @@ Optional:
 <a id="nestedblock--rules--ratelimit"></a>
 ### Nested Schema for `rules.ratelimit`
 
+Required:
+
+- `requests_to_origin` (Boolean) Whether to include requests to origin within the Rate Limiting count.
+
 Optional:
 
 - `characteristics` (Set of String) List of parameters that define how Cloudflare tracks the request rate for this rule.
@@ -836,7 +840,6 @@ Optional:
 - `mitigation_timeout` (Number) Once the request rate is reached, the Rate Limiting rule blocks further requests for the period of time defined in this field.
 - `period` (Number) The period of time to consider (in seconds) when evaluating the request rate.
 - `requests_per_period` (Number) The number of requests over the period of time that will trigger the Rate Limiting rule.
-- `requests_to_origin` (Boolean) Whether to include requests to origin within the Rate Limiting count.
 - `score_per_period` (Number) The maximum aggregate score over the period of time that will trigger Rate Limiting rule.
 - `score_response_header_name` (String) Name of HTTP header in the response, set by the origin server, with the score for the current request.
 
diff --git a/internal/framework/service/rulesets/schema.go b/internal/framework/service/rulesets/schema.go
index 84d441dd7ff..9a57434594e 100644
--- a/internal/framework/service/rulesets/schema.go
+++ b/internal/framework/service/rulesets/schema.go
@@ -917,7 +917,7 @@ func (r *RulesetResource) Schema(ctx context.Context, req resource.SchemaRequest
 										MarkdownDescription: "Criteria for counting HTTP requests to trigger the Rate Limiting action. Uses the Firewall Rules expression language based on Wireshark display filters. Refer to the [Firewall Rules language](https://developers.cloudflare.com/firewall/cf-firewall-language) documentation for all available fields, operators, and functions.",
 									},
 									"requests_to_origin": schema.BoolAttribute{
-										Optional:            true,
+										Required:            true,
 										MarkdownDescription: "Whether to include requests to origin within the Rate Limiting count.",
 									},
 								},