# Vercel WAF rate limiting now generally available

**Published:** October 2, 2024 | **Authors:** Dany Volk, Joseph Collins, Andrew Barba, Kevin Rupert

---

Vercel Web Application Firewall (WAF) rate limiting is now generally available, giving you precise control over request volumes to your applications.

With over 15 parameters, including target path, headers, method, and cookies, you can define the business logic for rate limiting. Then, apply a rate-limiting algorithm tied to IP, JA4 digest, headers, or user agent to control the frequency of matching traffic within your set limits.

When paired with [persistent actions](https://vercel.com/changelog/vercel-waf-now-supports-persistent-actions), rate limiting can help reduce resource abuse across Edge Requests, Middleware, Data Transfer, and Function execution.

Rate limiting with a fixed-window algorithm is available today for Pro customers, with an additional token-bucket algorithm available to Enterprise customers. [Pricing for rate limiting ](https://vercel.com/docs/security/vercel-waf/rate-limiting#pricing)is regional starting at $.50 per 1 million allowed requests.

Add rate limiting [using a template](https://vercel.com/templates/vercel-firewall/rate-limit-api-requests-firewall-rule) or read the [rate limiting documentation](https://vercel.com/docs/security/vercel-waf/rate-limiting) to learn more.

---

📚 **More updates:** [View all changelog entries](/changelog/sitemap.md) | [Blog](/blog/sitemap.md)