Rate Limiting

Rate limiting restricts how many requests a client can make in a time window, helping protect APIs from abuse and spikes.

Limits are enforced per IP, user, or key over a given period.

  • Protects login endpoints from brute-force attacks
  • Reduces impact of traffic spikes
  • Often combined with caching and WAF rules
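
A sliding-window limiter applied to login attempts, keyed on both source IP and target account, as an added example that is not part of the original page. The class and function names, the 5-per-60-seconds policy, and the sample events are assumptions constructed for illustration.

```python
import time
from collections import defaultdict, deque


class SlidingWindowLimiter:
    """At most `limit` accepted requests per `window` seconds for each key."""

    def __init__(self, limit, window, clock=time.monotonic):
        self.limit, self.window = limit, window
        self.clock = clock  # injectable so the logic can be exercised offline
        self.hits = defaultdict(deque)  # key -> timestamps of accepted requests

    def allow(self, key):
        """Return (allowed, retry_after_seconds) for one request from `key`."""
        now = self.clock()
        q = self.hits[key]
        while q and now - q[0] >= self.window:  # expire old timestamps
            q.popleft()
        if len(q) < self.limit:
            q.append(now)
            return True, 0.0
        # Rejections are not recorded; the oldest accepted hit frees the next slot.
        return False, self.window - (now - q[0])


# Constructed sample: (timestamp_seconds, source_ip, username) login attempts.
SAMPLE_EVENTS = (
    [(t, "203.0.113.7", "alice") for t in range(0, 8)]          # one IP, 8 tries
    + [(10 + i, "198.51.100.%d" % i, "bob") for i in range(7)]  # 7 IPs, one account
    + [(70, "203.0.113.7", "alice")]                            # after the window
)


def simulate_logins(events, limit=5, window=60):
    """Replay login attempts, keyed on both source IP and target account."""
    now = [0.0]
    by_ip = SlidingWindowLimiter(limit, window, clock=lambda: now[0])
    by_user = SlidingWindowLimiter(limit, window, clock=lambda: now[0])
    decisions = []
    for ts, ip, user in events:
        now[0] = ts
        ok_ip, _ = by_ip.allow(ip)  # every attempt is charged to both keys
        ok_user, _ = by_user.allow(user)
        decisions.append((ts, ip, user, ok_ip and ok_user))
    return decisions


if __name__ == "__main__":
    for d in simulate_logins(SAMPLE_EVENTS):
        print(d)
```

Keying on the account as well as the IP is what throttles the second group of events, where each guess arrives from a different address and a per-IP limit alone would allow all of them.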