Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.
After I send a bunch (about 50) of API requests to my app, I start to receive the following error:
The remote server returned an error: (429) Too Many Requests.
Obviously something is protecting my server, but I'm not sure if it's a Forge/Nginx configuration, or code within Laravel itself. I would like to know what's causing it and ultimately disable this behavior.
I'm using Laravel 5.3 with the built in Auth. My server is a Linode box set up by Forge with no fancy settings other than SSL enabled.
Of course I find the answer right after I post about it.
This is not a Forge issue it's Laravel's ThrottleRequests class.
The default configuration for the api middleware groups utilizes throttling.
To disable this behavior open the file: app\Http|Kernel.php
comment out the line: 'throttle:60,1',
from the api array in $middlewareGroups
You should not comment out this middleware. Imagine, if I decide to attack your API now - it will sink. You are not limiting the amount of requests that can be made to it, thus enabling someone to send millions of requests if they wanted to.
Agreed, but I have other security in place on the server because the API is only for my use and not open to the public.
Hi faze, what kind of "other security" did you setup ?
i added IP restrictions to the server so only i can make the API calls.
Please or to participate in this conversation.