// the find
GrahamCampbell/Laravel-Throttle
A rate limiter for Laravel
A rate limiting package for Laravel that wraps the framework's cache layer to throttle requests by IP and route. It predates Laravel's own built-in throttle middleware (added in L5.2) and offers a similar feature set with a slightly different API. Most Laravel apps today don't need this.
Ships a clean interface/factory abstraction that makes swapping throttler implementations possible without touching application code. The middleware accepts inline limit and time parameters directly on the route definition, which is handy. Well-maintained across Laravel versions with a clear compatibility matrix going back to L5.5. Test coverage is solid for a package this size.
Laravel has had `throttle` middleware built into the framework since 5.2, backed by the same cache layer — for the vast majority of use cases this package is redundant. Throttling is purely IP+route based with no concept of authenticated user identity, so if a user switches IPs or shares one (NAT, VPN, corporate office), the limit either breaks or punishes the wrong person. The single cache driver config is global; you can't use Redis for throttling while keeping the default cache as file. No support for sliding window or token bucket algorithms — it's fixed window only, which means a burst of requests right before reset goes undetected.