GitHub - magesuite/rest-api-rate-limit-terminator

The purpose of this module is to override the Magento Rest API items limit in order to prevent issues with communication via API.

Installation

Installation if metapackage is not used:

Admin settings

Store → Configuration → MageSuite → REST Api Rate Limit Terminator

Open

To ensure that specific endpoints are restricted by default and only accessible upon successful authorization, you can define their access control in the REST configuration. If an endpoint should require authorization, you need to add a corresponding entry to the REST permissions table and specify an appropriate ACL rule. This ACL will determine whether access is granted based on the user's permissions. If no ACL is provided, the endpoint will be blocked for unauthorized requests by default.

To mitigate excessive shopping cart creation by bots on your site, you can implement a fingerprinting mechanism to restrict cart creation within a defined time frame. By generating a unique fingerprint for each visitor—based on device attributes, IP address, or browser characteristics—you can track and limit the number of carts created per user. If multiple cart creation requests are detected within a short period, further requests can be temporarily blocked, effectively reducing automated abuse.

Backend

The only functionality in this module is the override of Magento Rest API items limit in rest-api-rate-limit-terminator/etc/di.xml file:

Frontend

There are no frontend functionalities in this module.