I have an API endpoint, and a malicious low-privileged user is trying to capture my request via a proxy tool, sends it to the intruder tool and generates 100 requests; all the requests went through successfully and all of them returned a 200 OK status.
I want to use rate limiting for the above issue, like this: within 2 minutes, I can send only 10 requests, and if the user sends the 11th request, he has to wait for the remaining minutes left. After the 2 minutes are complete, one can send a new request.
I want to go with the above approach, not at the application server code level; I need to implement it at the Web API management level. Can anyone help me with this?
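
The fixed-window decision described in the question (10 requests per 2 minutes per caller, the 11th rejected and told how long to wait), as an added sketch that is not part of the original post and is not any API management product's configuration. The class and function names, the `user-42` key and the use of a 429 status with a retry-after value are assumptions for illustration.

```python
import math
from dataclasses import dataclass

LIMIT = 10            # requests allowed per window (from the post)
WINDOW_SECONDS = 120  # 2-minute window (from the post)

@dataclass
class Decision:
    status: int       # 200 = forward to the backend, 429 = rejected at the gateway
    retry_after: int  # seconds until the caller's window resets (0 when allowed)

class FixedWindowLimiter:
    """Per-caller fixed-window counter, evaluated before a request is forwarded."""

    def __init__(self, limit=LIMIT, window=WINDOW_SECONDS):
        self.limit = limit
        self.window = window
        self._state = {}  # caller key -> (window_start, count)

    def check(self, caller_key, now):
        # Assumption: caller_key is the authenticated identity (API key or
        # token subject), so one user replaying a captured request is counted
        # as one caller regardless of source address.
        start, count = self._state.get(caller_key, (now, 0))
        if now - start >= self.window:
            start, count = now, 0  # previous window has fully elapsed
        if count >= self.limit:
            self._state[caller_key] = (start, count)
            return Decision(429, math.ceil(start + self.window - now))
        self._state[caller_key] = (start, count + 1)
        return Decision(200, 0)

def replay_burst(limiter, caller_key, n, start_time, spacing=0.1):
    """Constructed scenario: n replayed requests from one caller, spacing seconds apart."""
    return [limiter.check(caller_key, start_time + i * spacing) for i in range(n)]

if __name__ == "__main__":
    results = replay_burst(FixedWindowLimiter(), "user-42", 100, start_time=0.0)
    allowed = sum(1 for d in results if d.status == 200)
    print(f"forwarded={allowed} rejected={len(results) - allowed}")
    print(f"11th request: status={results[10].status} retry_after={results[10].retry_after}s")
```
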