rate limiting
made easy

Protect your serverless/edge APIs from abuse. Start rate-limiting expensive requests with a simple API today.

👉
👈
Control the number of :max requests made within a specified :interval, e.g. for each user :key
// GET /:namespace/:max/:interval/:key
=> 200 OK <=
{ok: true, remaining: 3}

🧑‍💻 Get started in seconds 🧑‍💻

copy-paste, configure, start limiting, all within seconds
To get started, follow these simple steps
  • Create namespace and its ID in the dashboard
  • Decide on the allowed request rate, e.g. max 100 requests per 1 hour (100/1h)
  • Define rate limiting key - account/user ID, or their IP address
Then, combine all above into a simple HTTP request to rlimit.com API (GET /:namespace/:max/:interval/:key)
Below, you can find examples of how to implement rate limiting in your application, in multiple languages and frameworks.
1
const namespace = "example" // rlimit.com namespace ID
2
const key = "account-or-user-id" // identifier - user/account ID, IP, operation, etc
3
4
// limit $key to 100 requests every 1h
5
const limit = await fetch(`https://rlimit.com/${namespace}/100/1h/${key}`)
6
7
// or limit.status === 429
8
if (!limit.ok) {
9
// rate limited
10
// for example, reject request
11
}
1
export RATELIMIT_KEY="account-or-user-id" # identifier - user/account ID, IP, operation, etc
2
curl -X GET --fail "https://rlimit.com/example/100/1h/${RATELIMIT_KEY}"
3
# error with 'curl: (22) The requested URL returned error: 429' on rate limit
1
// middleware.ts
2
export const rateLimitMiddleware: MiddlewareHandler = async (c, next) => {
3
// read accountId from request path
4
const accountId = c.req.param("accountId")
5
6
// limit $accountId to 100 requests every 1h
7
const limit = await fetch(`https://rlimit.com/example/100/1h/${accountId}`)
8
9
if (!limit.ok) {
10
return c.text("too many requests", 429)
11
}
12
13
await next()
14
}
15
16
// router.ts
17
app.get("/api/:accountId/expensive-operation", rateLimitMiddleware, myHandler);
1
import requests
2
3
key = "user:123" # identifier - user/account ID, IP, operation, etc
4
5
# limit "account-or-user-id" to 100 requests every 1h
6
limit = requests.get("https://rlimit.com/example/100/1h/" + key)
7
8
if not limit.ok:
9
# rate limited
10
# for example, reject request
11
pass

Simple pricing

Pay for what you use, allowed requests only. Get started in seconds.

  • Simple GET API

  • Live events monitoring

  • Analytics

  • High availability

  • Webhooks

  • Global low latency (+write replication)

  • Configure custom caps

Free tier available, no CC required - limited to 10 RPS and 10k requests per day.

Pay as you go

$5/mo

2M requests included+ $0.5/100k overage requests

✨ Analytics ✨

observability out of the box, check out this landing page (and GET button) stats below
  1. allowed

  2. blocked

Live events

monitor rate limit events as they happen, in real time
waiting for events

Frequently Asked Questions