Developer Network™ Description
Add a generic rate limiting framework to the Joomla core, allowing both core and 3rd party developers to rate limit specific interactions, i.e., preventing brute force attacks to login forms.
Joomla! Feature Roadmap
Rate Limiting Framework
- Person in Charge:
- Harald Leithner
- Status:
- In Planning
- Modified Date
- Friday, 26 September 2025
- Added Value / Benefits
- A rate limiting framework in Joomla adds value across different user groups by strengthening security, ensuring stability, and improving user experience.
- Requirements/Dependencies
- Developer
- Documentation
- Implementation details
- Building an easy to use Framework based on an existing implementation like the Symfony Rate Limiter.
It should provide different types of time windows and limiting sources.
Possible usage could be in the following areas:
- User registration
- Password reset
- Login
- MFA
- Search
- Contact Form
- CAPTCHA activation based on rate limit
- Event driven sources and limits
- Implementation Resources
- USPs
- Enduser: Built-in safeguards for your Joomla site
- Community/Creators: Equip your extensions with built-in Joomla core protection and control.
- A central framework allows all extensions to use this without inventing there own structure.
- How to participate?
- Please join the Mattermost Channel and ask where you can help.