Frontend Rate Limiting

MoPub implements rate limiting on our frontend as a general security best practice. A rate limit is a maxim number of requests per second. A frontend request refers to any interaction with the UI, such as checking or unchecking checkboxes, editing a line item, generating a report, or clicking to a different section of the dashboard. The rate limits for our frontend users are as follows:

  • For a logged-in MoPub user, we implement the rate limit on the user. The limit for a logged-in user is 50 requests per second.

  • For a user who is not logged in, or if we cannot detect a user, we switch to rate limiting on the individual IP address. The rate limit in this case is 16 requests per second.

  • If the rate limit is triggered, the user must wait 60 seconds before attempting to send another request through the UI.

Rate Limit Best Practices

  • A single user account should not be shared by multiple users. If multiple users access the MoPub UI through a single user account, they are more likely to trigger the rate limit for that account. This is because requests from all logged-in users are aggregated and tracked against the rate limit for the single user account.

  • If you are running any scripts on MoPub’s frontend, we recommend that you create a separate user account for the purpose of running scripts. This is a best practice, and will prevent rate limiting on a human user’s account.

  • Make sure any scripts that you are running on the frontend are efficient. Your script should not log in every time to run each action, it should retain the login cookie, and it should avoid making additional requests to log in every time.

Last updated October 06, 2020

TWITTER, MOPUB, and the Bird logo are trademarks of Twitter, Inc. or its affiliates. All third party logos and trademarks included are the property of their respective owners.

© 2020 MoPub (a division of Twitter, Inc.)