# General settings

### 1. **Request creation limit (anti-spam protection)**

The functionality allows you to limit the number of requests that can be created from one IP address within a specified period of time.

Used to protect against:

* mass spam requests
* system overload
* abuse of the exchange form (bots, scripts)

**Configuration parameters:**

* **Enable request creation limit**\
  Enables or disables the limit.\
  When the switch is off, limits are not applied.
* **Request creation limit**\
  The maximum number of requests that one IP address can create within the specified period.\
  Example: `10` — one user will be able to create no more than 10 requests.
* **Limit period (minutes)**\
  The time interval during which the limit is active.\
  Example: `60` — the limit applies for 60 minutes.

**How it works:**

* The system tracks the number of requests from one IP
* When the limit is reached, new requests are temporarily blocked, and the user will receive a notification <mark style="background-color:red;">"Too many attempts. Please try again later."</mark>
* Request creation becomes available after the specified period ends

## 2. **Open by default (UI behavior)**

Determines whether the "Exchange rules" section will be automatically expanded when the request creation page loads.

* **Enabled** — the section is open immediately
* **Disabled** — the section is collapsed

<figure><img src="https://2918865942-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fp0ow3kIXHQDcl9DBdYiM%2Fuploads%2F0H5YVnVaoJqKz4zyVtMw%2Fimage.png?alt=media&#x26;token=ec646c14-7edf-4cd4-a482-1db415716968" alt=""><figcaption></figcaption></figure>

#### 💡 Usage recommendations

* For basic spam protection: `5–10 requests/60 minutes`
* Under high load or attacks - reduce the limit and/or increase the period
* It is not recommended to set overly strict limits so as not to interfere with real users