rate limiting – Automated Hacks

Rate Limiting Before “APIs” Had a Name: How 1995–1998 Shaped Web API Business and Security

In the mid-to-late 1990s, “web APIs” often looked like CGI scripts and HTML form endpoints—yet operators still needed quotas and throttles. This chapter examines how rate limiting quietly became a business and security tool as browsers gained scripting and HTTP traffic scaled.

Chapter 68 (1990–1994): API Security Testing Begins with the Web’s First HTTP Interfaces

From HTTP/0.9 to early CGI gateways, 1990–1994 quietly created the first web APIs—and the first lessons in security testing and abuse prevention.

Rate Limiting Is Older Than “APIs”: How the 1990–1994 Web Learned to Say “Slow Down” (Chapter 21)

In the Web’s earliest years (1990–1994), “APIs” weren’t yet a mainstream product—but HTTP endpoints already needed protection. This chapter traces how rate limiting quietly became a security and business tool as early servers faced scarce resources, buggy clients, and the first automated traffic.