diff --git a/package-lock.json b/package-lock.json
index 7dc3aba..95842d0 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -14,6 +14,7 @@
 "cookie-parser": "^1.4.6",
 "cors": "^2.8.5",
 "express": "^4.19.2",
+ "express-rate-limit": "^7.2.0",
 "express-session": "^1.18.0",
 "jsonwebtoken": "^9.0.2",
 "jwt-decode": "^4.0.0",
@@ -1437,6 +1438,20 @@
 "node": ">= 0.10.0"
 }
 },
+ "node_modules/express-rate-limit": {
+ "version": "7.2.0",
+ "resolved": "https://registry.npmjs.org/express-rate-limit/-/express-rate-limit-7.2.0.tgz",
+ "integrity": "sha512-T7nul1t4TNyfZMJ7pKRKkdeVJWa2CqB8NA1P8BwYaoDI5QSBZARv5oMS43J7b7I5P+4asjVXjb7ONuwDKucahg==",
+ "engines": {
+ "node": ">= 16"
+ },
+ "funding": {
+ "url": "https://github.com/sponsors/express-rate-limit"
+ },
+ "peerDependencies": {
+ "express": "4 || 5 || ^5.0.0-beta.1"
+ }
+ },
 "node_modules/express-session": {
 "version": "1.18.0",
 "resolved": "https://registry.npmjs.org/express-session/-/express-session-1.18.0.tgz",
@@ -4525,6 +4540,12 @@
 }
 }
 },
+ "express-rate-limit": {
+ "version": "7.2.0",
+ "resolved": "https://registry.npmjs.org/express-rate-limit/-/express-rate-limit-7.2.0.tgz",
+ "integrity": "sha512-T7nul1t4TNyfZMJ7pKRKkdeVJWa2CqB8NA1P8BwYaoDI5QSBZARv5oMS43J7b7I5P+4asjVXjb7ONuwDKucahg==",
+ "requires": {}
+ },
 "express-session": {
 "version": "1.18.0",
 "resolved": "https://registry.npmjs.org/express-session/-/express-session-1.18.0.tgz",
diff --git a/package.json b/package.json
index 050367d..a903ee5 100644
--- a/package.json
+++ b/package.json
@@ -32,6 +32,7 @@
 "cookie-parser": "^1.4.6",
 "cors": "^2.8.5",
 "express": "^4.19.2",
+ "express-rate-limit": "^7.2.0",
 "express-session": "^1.18.0",
 "jsonwebtoken": "^9.0.2",
 "jwt-decode": "^4.0.0",
diff --git a/src/main/typescript/server.ts b/src/main/typescript/server.ts
index 1d29157..883c22c 100644
--- a/src/main/typescript/server.ts
+++ b/src/main/typescript/server.ts
@@ -2,6 +2,7 @@
 * Required external modules
 */
 import express, { Application } from 'express';
+import RateLimit from 'express-rate-limit';
 import cors from 'cors';
 import mongoose from 'mongoose';
 import session from 'express-session';
@@ -38,6 +39,11 @@ import path from 'node:path';
 * App Variables
 */
 const app: Application = express();
+const limiter = RateLimit({
+ // 15 minutes
+ windowMs: 15 * 60 * 1000,
+ limit: 100,
+});
 /**
 * Database connection
@@ -53,6 +59,7 @@ app.use(cors({
 origin: server_settings.frontend_url,
 credentials: true,
 }));
+app.use(limiter);
 app.use(cookies());
 app.use(express.json());
 app.use(express.urlencoded({ extended: true }));
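Review bot: The `limiter` added in the second hunk keys on `req.ip`, and nothing in this change sets `trust proxy` or a `keyGenerator`, so if the server runs behind a reverse proxy or load balancer (plausible given the separate `frontend_url` CORS origin) every client resolves to the proxy's address and the whole deployment shares one bucket of 100 requests per 15 minutes, whereas an over-broad `trust proxy` value would instead let callers choose their own bucket through a forged `X-Forwarded-For` header; express-rate-limit 7 reports a validation error at runtime for the former configuration. When a proxy is in front, add `app.set('trust proxy', 1);` (or the deployment's exact hop count) immediately before `app.use(limiter);` in the third hunk, and leave it unset otherwise. The limit is also global across every route and uses the default in-memory store, so a SPA that makes many API calls (plus CORS preflights, which count as well) can exhaust 100 requests quickly, and the counters are per process and reset on restart; a more generous global limit with a stricter limiter on the session/JWT login routes, and a shared store if more than one instance runs, would fit the deps this file already pulls in. A comment on the declaration such as `// Global limiter: 100 requests per client IP per 15-minute window; requires correct 'trust proxy' behind a proxy` would document the intent better than the bare `// 15 minutes`.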