pub struct RateLimitConfig {
    pub enabled: bool,
    pub default_rpm: u32,
    pub burst_capacity: u32,
    pub method_limits: HashMap<String, MethodLimit>,
    pub client_limits: HashMap<String, ClientLimit>,
    pub cleanup_interval_secs: u64,
    pub adaptive: bool,
    pub threat_penalty_multiplier: f32,
    pub whitelist: HashSet<String>,
    pub blacklist: HashSet<String>,
    pub ip_limits: HashMap<String, IpLimit>,
    pub global_rpm: Option<u32>,
    pub track_by: TrackingMethod,
}
Rate limiting configuration
§Security Implications
Rate limiting is essential for preventing abuse and DoS attacks:
- Prevents brute force attacks: limits authentication attempts
- Protects against resource exhaustion: controls request rates
- Mitigates data harvesting: slows down automated scraping
- Adaptive penalties: automatically restricts suspicious clients
§Example: Secure Production Configuration
[rate_limit]
enabled = true
default_rpm = 60                  # 1 request per second average
burst_capacity = 10               # Allow short bursts
cleanup_interval_secs = 300
adaptive = true                   # Auto-adjust based on threats
threat_penalty_multiplier = 0.5   # Halve limits for threats

[rate_limit.method_limits]
"tools/list" = { rpm = 120, burst = 20 }          # Read operations
"tools/call" = { rpm = 30, burst = 5 }            # Execution operations
"security/neutralize" = { rpm = 10, burst = 2 }   # Sensitive operations

[rate_limit.client_limits]
"trusted-app" = { rpm = 300, burst = 50, priority = "high" }
"public-api" = { rpm = 30, burst = 5, priority = "low" }

Fields§
enabled: bool
Enable rate limiting.
Default: false (for easier testing)
Security: MUST be true in production to prevent abuse. Without rate limiting, attackers can overwhelm the service.
Warning: Disabling exposes you to DoS and brute force attacks.

default_rpm: u32
Default requests per minute.
Default: 60 (1 per second average)
Security: Lower values are more secure but may impact usability. Consider your threat model and legitimate usage patterns.
Range: 10-600 (recommend 30-120 for most APIs)

burst_capacity: u32
Burst capacity (tokens available immediately).
Default: 10
Security: Allows legitimate burst traffic while preventing abuse. Too high enables rapid attacks; too low impacts user experience.
Range: 1-50 (recommend 5-20, should be < default_rpm/6)

method_limits: HashMap<String, MethodLimit>
Per-method rate limits (overrides default).
Default: Sensible limits for common operations
Security: Set stricter limits on sensitive operations. Read operations can have higher limits than write operations.
Best Practice: Order from least to most sensitive.

client_limits: HashMap<String, ClientLimit>
Per-client rate limits (by client ID).
Default: Empty (all clients use default limits)
Security: Assign higher limits only to trusted clients. Use priority levels to ensure critical clients aren't blocked.
Warning: Overly generous limits can be exploited.

cleanup_interval_secs: u64
Cleanup interval for expired buckets (seconds).
Default: 300 (5 minutes)
Security: Regular cleanup prevents memory exhaustion. Shorter intervals use more CPU but free memory faster.
Range: 60-3600 (recommend 300-900)

adaptive: bool
Enable adaptive rate limiting based on load.
Default: false
Security: Automatically tightens limits under attack. Reduces false positives during traffic spikes.
Trade-off: Adds complexity but improves resilience.

threat_penalty_multiplier: f32
Penalty for security threats (multiplier).
Default: 0.5 (halve the rate limit)
Security: Clients triggering security alerts get reduced limits. Helps contain attacks while allowing recovery for false positives.
Range: 0.1-1.0 (0.1 = 90% reduction, 1.0 = no penalty)

whitelist: HashSet<String>
Whitelist of client IDs exempt from rate limiting.
Default: Empty set
Security: Only whitelist fully trusted internal clients. Whitelisted clients can still trigger other security measures.
Warning: Use sparingly; prefer higher rate limits over exemption.

blacklist: HashSet<String>
Blacklist of client IDs to always block.
Default: Empty set
Security: Immediately reject requests from blacklisted clients. Useful for blocking known malicious actors or compromised credentials.
Note: Blacklist takes precedence over whitelist.

ip_limits: HashMap<String, IpLimit>
IP-specific rate limits.
Default: Empty map
Security: Set stricter limits for suspicious IP ranges. Useful for geographic restrictions or known problematic networks.
Format: IP address or CIDR notation as key

global_rpm: Option<u32>
Global requests per minute limit across all clients.
Default: None (no global limit)
Security: Prevents total system overload regardless of client distribution. Individual client limits still apply within the global limit.
Range: 100-10000 (recommend 10x expected peak traffic)

track_by: TrackingMethod
Method for tracking clients.
Default: ClientId
Security: Determines how rate limits are applied. IP-based tracking is stricter but may affect legitimate shared IPs.
Options: ClientId, IpAddress, Combined (both must pass)
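
The ranges and warnings documented for the fields above can be enforced as a pre-deployment check; the following is an added example, not code from the crate itself. `RateLimitSettings` and `audit` are hypothetical names, and the struct mirrors only a subset of the `RateLimitConfig` fields so that it compiles with the standard library alone.

```rust
use std::collections::HashSet;

// Local mirror of a subset of RateLimitConfig's fields (assumption: the real
// struct is not imported here so the example compiles with std only).
pub struct RateLimitSettings {
    pub enabled: bool,
    pub default_rpm: u32,
    pub burst_capacity: u32,
    pub cleanup_interval_secs: u64,
    pub threat_penalty_multiplier: f32,
    pub whitelist: HashSet<String>,
    pub blacklist: HashSet<String>,
    pub global_rpm: Option<u32>,
}

// Hypothetical helper: one finding per documented rule the settings violate.
pub fn audit(c: &RateLimitSettings) -> Vec<String> {
    let mut out = Vec::new();
    if !c.enabled {
        out.push("enabled: must be true in production".to_string());
    }
    if !(10..=600).contains(&c.default_rpm) {
        out.push(format!("default_rpm: {} is outside 10-600", c.default_rpm));
    }
    if !(1..=50).contains(&c.burst_capacity) {
        out.push(format!("burst_capacity: {} is outside 1-50", c.burst_capacity));
    } else if c.burst_capacity * 6 >= c.default_rpm {
        // "should be < default_rpm/6", compared without integer-division rounding
        out.push("burst_capacity: not below default_rpm/6".to_string());
    }
    if !(60..=3600).contains(&c.cleanup_interval_secs) {
        out.push("cleanup_interval_secs: outside 60-3600".to_string());
    }
    // A NaN multiplier also fails this range test and is reported.
    if !(0.1..=1.0).contains(&c.threat_penalty_multiplier) {
        out.push("threat_penalty_multiplier: outside 0.1-1.0".to_string());
    }
    if c.global_rpm.map_or(false, |g| !(100..=10000).contains(&g)) {
        out.push("global_rpm: outside 100-10000".to_string());
    }
    // Blacklist takes precedence, so an ID on both lists is always blocked.
    let mut both: Vec<&String> = c.whitelist.intersection(&c.blacklist).collect();
    both.sort();
    for id in both {
        out.push(format!("{}: whitelisted and blacklisted; will be blocked", id));
    }
    out
}
```

Run against the values of the production example above, it returns a single finding: a burst_capacity of 10 is not strictly below default_rpm/6, which is also 10.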
Trait Implementations§
impl Clone for RateLimitConfig
    fn clone(&self) -> RateLimitConfig
    fn clone_from(&mut self, source: &Self)
impl Debug for RateLimitConfig
impl Default for RateLimitConfig
impl<'de> Deserialize<'de> for RateLimitConfig
    fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>
    where
        __D: Deserializer<'de>,
Auto Trait Implementations§
impl Freeze for RateLimitConfig
impl RefUnwindSafe for RateLimitConfig
impl Send for RateLimitConfig
impl Sync for RateLimitConfig
impl Unpin for RateLimitConfig
impl UnwindSafe for RateLimitConfig
Blanket Implementations§
impl<T> BorrowMut<T> for T
where
    T: ?Sized,
    fn borrow_mut(&mut self) -> &mut T
impl<T> CloneToUninit for T
where
    T: Clone,
impl<T> Instrument for T
    fn instrument(self, span: Span) -> Instrumented<Self>
    fn in_current_span(self) -> Instrumented<Self>
impl<T> IntoEither for T
    fn into_either(self, into_left: bool) -> Either<Self, Self>
        Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise.
    fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
        Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise.