API Rate Limiting
Definition
A technique to limit how many requests a client can make to an API in a given time window.
Why It Matters
The 404Fault knowledge graph endpoint is public and called on every term page. Without rate limiting, a single script could call /api/knowledge-graph/term/* thousands of times and run up Firebase/Vercel costs.
Example Usage
    // Using Upstash Ratelimit:
    const { success } = await ratelimit.limit(req.ip ?? 'unknown');
    if (!success) return NextResponse.json({ error: 'Rate limited' }, { status: 429 });
AI Builder Tips
Avoid these mistakes when using API Rate Limiting:
Rate limiting only by IP — authenticated users should be rate-limited by user ID, not IP (VPNs/NAT distort IP counts)
Not returning Retry-After header with 429 — clients don't know when to retry
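Both mistakes above, avoided in one place. This is an added example, not 404Fault's code and not the Upstash API: it uses an in-memory fixed-window counter as a stand-in so it runs offline, and createLimiter, limiterKey, enforce and demo are hypothetical names.

```javascript
// In-memory fixed window (illustrative; production needs a shared store).
function createLimiter({ limit, windowMs, now = Date.now }) {
  const buckets = new Map(); // key -> { count, resetAt }
  return function check(key) {
    const t = now();
    let b = buckets.get(key);
    if (!b || t >= b.resetAt) {
      b = { count: 0, resetAt: t + windowMs };
      buckets.set(key, b);
    }
    b.count += 1;
    return { success: b.count <= limit, reset: b.resetAt };
  };
}

// Signed-in callers are keyed by user ID; anonymous callers fall back to IP.
function limiterKey({ userId, ip }) {
  return userId ? `user:${userId}` : `ip:${ip ?? 'unknown'}`;
}

// Returns null when the request may proceed, otherwise a 429 description
// whose Retry-After header gives the whole seconds left in the window.
function enforce(check, caller, now = Date.now) {
  const { success, reset } = check(limiterKey(caller));
  if (success) return null;
  const retryAfter = Math.max(1, Math.ceil((reset - now()) / 1000));
  return {
    status: 429,
    headers: { 'Retry-After': String(retryAfter) },
    body: { error: 'Rate limited' },
  };
}

// Constructed scenario: two signed-in users share one NAT address.
function demo() {
  let clock = 1_000_000; // fake clock (ms) keeps the run deterministic
  const now = () => clock;
  const check = createLimiter({ limit: 2, windowMs: 10_000, now });
  const alice = { userId: 'alice', ip: '203.0.113.7' };
  const bob = { userId: 'bob', ip: '203.0.113.7' };
  const out = [];
  for (let i = 0; i < 3; i++) out.push(enforce(check, alice, now));
  out.push(enforce(check, bob, now)); // same IP, separate bucket
  clock += 4_500;
  out.push(enforce(check, alice, now)); // 5.5 s left in alice's window
  clock += 5_500;
  out.push(enforce(check, alice, now)); // window rolled over
  return out;
}
```

In a route handler, the object returned by enforce maps directly onto a 429 response with the same headers and body.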