How to Implement Rate Limiting in a Go HTTP Server

Use the golang.org/x/time/rate package to implement token bucket rate limiting in your Go HTTP server.

package main

import (
	"net/http"
	"time"

	"golang.org/x/time/rate"
)

func main() {
	limiter := rate.NewLimiter(rate.Every(time.Second), 10)

	http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
		if !limiter.Allow() {
			http.Error(w, "Too Many Requests", http.StatusTooManyRequests)
			return
		}
		w.Write([]byte("Hello, World!"))
	})

	http.ListenAndServe(":8080", nil)
}

Run go get golang.org/x/time/rate to install the dependency before building.

Rate limiting acts like a bouncer at a club, allowing only a specific number of people (requests) inside per minute. It protects your server from crashing when too many users try to access it at once. You use it to ensure fair usage and keep your application stable during traffic spikes.