Every popular software should have a Rate Limiter. It prevents DDOS attack, reduces cost and prevents servers from being overloaded. There are some tricky questions to be considered during implementation of Rate Limiter: Where to put Rate Limiter: client-side, server-side, gateway? Algorithms for rate limiting. There are many algorithms with pros and cons: Token bucket, Leaking bucket, Fixed window counter, Sliding window log, Sliding window counter. Your business needs will define the right algorithm.