diff --git a/server/index.js b/server/index.js index 5fc3c63..10ee245 100644 --- a/server/index.js +++ b/server/index.js @@ -4,6 +4,7 @@ const bodyParser = require('body-parser'); const chalk = require('chalk') const cors = require('cors') const history = require('connect-history-api-fallback'); +const rateLimit = require('express-rate-limit'); require('./services/socket')(server); require('./connections/mongo_conn'); @@ -21,6 +22,11 @@ app.use(cors( } )); +app.use(rateLimit({ + windowMs: 15 * 60 * 1000, + max: 100 +})); + app.use(bodyParser.urlencoded({ extended: true })); diff --git a/server/package-lock.json b/server/package-lock.json index 14ae096..1db91bf 100644 --- a/server/package-lock.json +++ b/server/package-lock.json @@ -17,6 +17,7 @@ "cors": "^2.8.5", "debug": "^2.6.9", "express": "^4.17.1", + "express-rate-limit": "^5.2.3", "express-session": "^1.17.1", "express-validator": "^6.8.0", "mongoose": "^5.11.8", @@ -874,6 +875,11 @@ "node": ">= 0.10.0" } }, + "node_modules/express-rate-limit": { + "version": "5.2.3", + "resolved": "https://registry.npmjs.org/express-rate-limit/-/express-rate-limit-5.2.3.tgz", + "integrity": "sha512-cjQH+oDrEPXxc569XvxhHC6QXqJiuBT6BhZ70X3bdAImcnHnTNMVuMAJaT0TXPoRiEErUrVPRcOTpZpM36VbOQ==" + }, "node_modules/express-session": { "version": "1.17.1", "resolved": "https://registry.npmjs.org/express-session/-/express-session-1.17.1.tgz", @@ -3462,6 +3468,11 @@ "vary": "~1.1.2" } }, + "express-rate-limit": { + "version": "5.2.3", + "resolved": "https://registry.npmjs.org/express-rate-limit/-/express-rate-limit-5.2.3.tgz", + "integrity": "sha512-cjQH+oDrEPXxc569XvxhHC6QXqJiuBT6BhZ70X3bdAImcnHnTNMVuMAJaT0TXPoRiEErUrVPRcOTpZpM36VbOQ==" + }, "express-session": { "version": "1.17.1", "resolved": "https://registry.npmjs.org/express-session/-/express-session-1.17.1.tgz", diff --git a/server/package.json b/server/package.json index 9fa855b..f5dfeed 100644 --- a/server/package.json +++ b/server/package.json 
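Review bot: The `app.use(rateLimit({ ... }))` call added after the `cors` block in the second index.js hunk relies on the library's default per-`req.ip` key, and nothing visible here sets Express's `trust proxy`, so behind a reverse proxy or load balancer every client would appear to share one address and one 100-request counter. If that is the deployment, add `app.set('trust proxy', 1);` before this middleware, with the hop count matching the real proxy chain; a blanket `true` on a directly exposed host lets the client choose its own `X-Forwarded-For` and so its own bucket. The call would also benefit from a short comment such as `// in-memory store: counters are per process and reset on restart`, since that default means the limit is not shared across instances. A single global limit this loose gives little brute-force protection, so any login or session route would want its own stricter limiter. The rest of index.js lies outside these hunks, so the proxy setting and route layout need checking against the full file.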
@@ -19,6 +19,7 @@
 "cors": "^2.8.5",
 "debug": "^2.6.9",
 "express": "^4.17.1",
+ "express-rate-limit": "^5.2.3",
 "express-session": "^1.17.1",
 "express-validator": "^6.8.0",
 "mongoose": "^5.11.8",