Rate limiting is the number of requests that can be made to an API per window (a specific time period). For example, an API can have 1000 request per hour (window) but this is the total number of requests. This can be done to prevent an overloading of a system's infrastructure such as might be caused by a DoS (Denial of Service) attack or a DDoS (distributed denial-of-service) attack. Additionally, if requests to an API starts to become more active, the rate limit can be adjusted in steps to achieve optimum performance for users. A Rate Limit Store must be selected to use Rate Limiting.