diff --git a/internal/http_handlers/graphql.go b/internal/http_handlers/graphql.go
index a32c02b2..165ecbfd 100644
--- a/internal/http_handlers/graphql.go
+++ b/internal/http_handlers/graphql.go
@@ -71,6 +71,8 @@ func (h *httpProvider) GraphqlHandler() gin.HandlerFunc {
 srv.Use(extension.AutomaticPersistedQuery{
 Cache: lru.New[string](100),
 })
+ // Limit query complexity to prevent resource exhaustion
+ srv.Use(extension.FixedComplexityLimit(300))
 return func(c *gin.Context) {
 // Create a custom handler that ensures gin context is available
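Review bot: The limit added by `srv.Use(extension.FixedComplexityLimit(300))` only bounds gqlgen's computed complexity score, which by default counts one per field and nesting level and does not scale with list-size arguments, so a single list field requested with a very large page size still scores low. If the schema exposes list fields with caller-controlled limits, per-field complexity functions in the generated config (not visible in this hunk) or a server-side cap on page size would be needed for the limit to deliver what the comment promises. The literal is also worth naming and documenting, e.g. `const graphqlComplexityLimit = 300 // max gqlgen complexity score per operation`, and it should be confirmed that the introspection query used by the project's tooling stays under it. GraphqlHandler's body starts and ends outside the hunk.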