Security Plugins Hub

Bring your software development workflows to security

rate limit

Rate Limiting


Signals & Triggers

On request
If predefined threshold is reached


  • Block the HTTP request Block the HTTP request
  • Log request stack trace Log request stack trace
  • Log the malicious request Log the malicious request
  • Report an incident Report an incident


  • Send an email to all team members Send an email to all team members
  • Send a Slack notification. Send a Slack notification.
  • Create an incident on PagerDuty (coming soon) Create an incident on PagerDuty (coming soon)


This plugin enables you to quickly deploy rate limit in your application. Rate limit consists in limiting the volume of HTTP requests a user or IP can perform in a given period of time (minute, hour, day).

All HTTP verbs are supported (GET, POST, PUT, PATCH and DELETE).

This plugin can enforce a global or a custom rate limit, per application route. For instance, the rate limit can be enforced only on the following app’s routes:

GET /users/sign_in 5 per hour

POST /users/:id/reset_password 2 per day

A 429 - Too many requests header is set in the HTTP response when the rate limit is reached.

Note: you can also apply the rate limit as an action from other plugins.

Advanced details

Each time a request is performed, this plugin reports it back to the Sqreen back end.

When the volume of requests distributed over all your application instances reaches the configured rate limit, the Sqreen librariesn deployed in your application will dynamically enforce the rate limit.

Language support

  • Ruby
  • Node.js
  • PHP
  • Python
  • Java

Data collected by Sqreen

  • Number of requests per application route
  • IP address
  • User account (Sqreen SDK)

On attack
  • IP address
  • User account (Sqreen SDK)

Built for developers and modern apps

Get up and running in minutes just by installing our lightweight library. Enable plugins in just a couple of clicks.

  • Ruby
  • Node.js
  • PHP
  • Python
  • Java
  • Go
  • .net
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9

$ echo "gem 'sqreen'" >> Gemfile

$ bundle install

$ echo "token: your token" > config/sqreen.yml

$ npm install --save sqreen

$ echo '{ "token": "your token" }' > sqreen.json

$ curl -s > && bash your token

$ pip install sqreen

$ echo -e "[sqreen]\ntoken: your token" > sqreen.ini

$ curl -o sqreen.jar

Request your beta access for the Go agent Request beta
Get notified when the .net agent releases Notify me

Build amazing products. Keep them safe.

5 min installation · Try all features for 14 days · No credit card required Sign up Request demo