How to Rate Limit Route Requests in Laravel

Published on December 8, 2020 37 sec read

According to Wikipedia, In computer networks, rate limiting is used to control the rate of requests sent or received by a network interface controller and is used to prevent DoS attacks. In this article, we are going to set rate limits in Laravel routes.

We can do it using Laravel throttle middleware. Let’s get started:

Table of Contents

  1. Basic Example
  2. Apply on Route Group
  3. Dynamic Rate Limit

Basic Example

Let’s set throttle middleware in a route:

Route::get('/user', function () {
})->middleware('auth', 'throttle:20,1');

An authenticated user access route 20 times per minute. After crossing the limit the route will return 429 Too Many Requests.

Apply on Route Group

We can easily set rate limit in a group of routes:

Route::middleware('auth:api', 'throttle:20,1')->group(function () {
    Route::get('/user', function () {

Dynamic Rate Limit

We can set a dynamic rate limit variable instead of a hard-coded number of maximum requests:

Route::middleware('auth:api', 'throttle:rate_limit,1')->group(function () {
    Route::get('/user', function () {

The rate_limit is an attribute of a User model.

Monthly Newsletter

One email a month, packed with the latest tutorials, delivered straight to your inbox.
We'll never send any spam or promotional emails.

Hey, I'm Md Obydullah. I build open-source projects and write article on Laravel, Linux server, modern JavaScript and more on web development.