Different routes can have varying legitimate needs, make them configurable.
Examples:
- API routes for authentication limited to X attempt(s) per second.
- Requests with valid auth tokens might be limited to 10/sec, etc.
- prevent poorly written clients from creating DoS attacks
Different routes can have varying legitimate needs, make them configurable.
Examples: