From 2a35fe6178efbe64a4f8bc5384267a5fa86fe43a Mon Sep 17 00:00:00 2001
From: Iain Sproat <68657+iainsproat@users.noreply.github.com>
Date: Fri, 7 Apr 2023 12:49:45 +0100
Subject: [PATCH] fix(ratelimit): reduce /graphql limit based on incident
 (#1505)

---
 packages/server/modules/core/services/ratelimiter.ts | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/packages/server/modules/core/services/ratelimiter.ts b/packages/server/modules/core/services/ratelimiter.ts
index 41769e45f..1665ca954 100644
--- a/packages/server/modules/core/services/ratelimiter.ts
+++ b/packages/server/modules/core/services/ratelimiter.ts
@@ -170,11 +170,11 @@ export const LIMITS: RateLimiterOptions = {
   },
   'POST /graphql': {
     regularOptions: {
-      limitCount: getIntFromEnv('RATELIMIT_POST_GRAPHQL', '50'),
+      limitCount: getIntFromEnv('RATELIMIT_POST_GRAPHQL', '10'),
       duration: 1 * TIME.second
     },
     burstOptions: {
-      limitCount: getIntFromEnv('RATELIMIT_BURST_POST_GRAPHQL', '200'),
+      limitCount: getIntFromEnv('RATELIMIT_BURST_POST_GRAPHQL', '20'),
       duration: 1 * TIME.minute
     }
   },