diff --git a/.env.example b/.env.example
index 4978f6a78..f07f28c5f 100644
--- a/.env.example
+++ b/.env.example
@@ -47,3 +47,6 @@ AGENDASH_AUTH_PASSWORD=123123
 SIGNUP_DISABLED=false
 SIGNUP_ALLOWED_DOMAINS=
 SIGNUP_ALLOWED_EMAILS=
+
+# API rate limit (points,duration,block duration).
+API_RATE_LIMIT=120,60,600
\ No newline at end of file
diff --git a/packages/server/src/config/index.ts b/packages/server/src/config/index.ts
index ff1fedb6a..bc6833130 100644
--- a/packages/server/src/config/index.ts
+++ b/packages/server/src/config/index.ts
@@ -1,9 +1,12 @@
 import dotenv from 'dotenv';
 import path from 'path';
+import { toInteger } from 'lodash';
 import { castCommaListEnvVarToArray, parseBoolean } from '@/utils';
 dotenv.config();
+const API_RATE_LIMIT = process.env.API_RATE_LIMIT?.split(',') || [];
+
 module.exports = {
 /**
 * Your favorite port
@@ -97,7 +100,7 @@ module.exports = {
 jwtSecret: process.env.JWT_SECRET,
 /**
- *
+ *
 */
 resetPasswordSeconds: 600,
@@ -130,9 +133,9 @@ module.exports = {
 blockDuration: 60 * 15,
 },
 requests: {
- points: 60,
- duration: 60,
- blockDuration: 60 * 10,
+ points: API_RATE_LIMIT[0] ? toInteger(API_RATE_LIMIT[0]) : 120,
+ duration: API_RATE_LIMIT[1] ? toInteger(API_RATE_LIMIT[1]) : 60,
+ blockDuration: API_RATE_LIMIT[2] ? toInteger(API_RATE_LIMIT[2]) : 60 * 10,
 },
 },
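Review bot: The three `requests` fields in the last hunk take whatever `toInteger` returns, so a malformed `API_RATE_LIMIT` silently reconfigures the limiter instead of falling back: any non-empty string is truthy, and lodash's `toInteger('abc')` is `0` while `toInteger('-5')` is `-5`. How the limiter treats zero or negative points and durations is not visible here, but a typo in an env file should not be able to decide it. The fallback for `points` also moves from 60 to 120, which doubles the default request budget for deployments that never set the variable; if that is intended it belongs in the commit message. I would validate each field as a positive integer in a small helper placed next to the `API_RATE_LIMIT` constant (relax the check to non-negative if `0` is a meaningful `blockDuration`), and the `lodash` import is then no longer needed. The enclosing `module.exports` object starts and ends outside this hunk.

```typescript
// Parse one comma-separated field; fall back unless it is a positive integer.
const rateLimitField = (index: number, fallback: number): number => {
  const parsed = Number(API_RATE_LIMIT[index]);
  return Number.isInteger(parsed) && parsed > 0 ? parsed : fallback;
};

// … unchanged: module.exports up to the requests throttle entry …
    requests: {
      points: rateLimitField(0, 120),
      duration: rateLimitField(1, 60),
      blockDuration: rateLimitField(2, 60 * 10),
    },
```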