NGINX rate limiting: 100 req/s per IP on /api/* endpoints
MediumRolled Back
Implemented rate limiting to protect API endpoints from abuse. Configured zone with 10MB memory, burst=20 nodelay. Returns 429 on excess.
Expected Impact
Rolled back after reports of false positives affecting legitimate batch import jobs. Will re-implement with allowlist for known automation IPs.
- Service
- NGINX Load Balancer
- Host
- lb-01prod
- Logged By
- Jordan Rivera
- Created
- Mar 22, 2026
nginxrate-limitingapisecurity
Status updates are disabled in demo mode.