From acaec8e0c2bb663fe1cf19abc7cd8e7280433a9f Mon Sep 17 00:00:00 2001 From: root Date: Fri, 20 Mar 2026 23:36:55 +0000 Subject: [PATCH] fix: increase rate limits to prevent lockouts (300 general, 50 auth) --- backend/src/index.ts | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/backend/src/index.ts b/backend/src/index.ts index 1511da0..2ffb48f 100644 --- a/backend/src/index.ts +++ b/backend/src/index.ts @@ -31,7 +31,7 @@ app.use(express.json({ limit: '10mb' })); // Rate limiting const limiter = rateLimit({ windowMs: 15 * 60 * 1000, // 15 minutes - max: 100, + max: 300, standardHeaders: true, legacyHeaders: false, message: { error: 'Too many requests', message: 'Please try again later' }, @@ -41,7 +41,7 @@ app.use('/api/', limiter); // Stricter rate limit for auth endpoints const authLimiter = rateLimit({ windowMs: 15 * 60 * 1000, - max: 20, + max: 50, standardHeaders: true, legacyHeaders: false, message: { error: 'Too many login attempts', message: 'Please try again later' },