diff --git a/server/.env b/server/.env
index 42cc3fd..7e0a02e 100644
--- a/server/.env
+++ b/server/.env
@@ -6,6 +6,13 @@ ENVIRONMENT=dev
 PORT=8080
-CLEANUP_INTERVAL_SECONDS=60
+
 FRONTEND_URL="http://localhost:3000"
 DATABASE_URL="file:./dev.db"
+
+CLEANUP_INTERVAL_SECONDS=60
+
+POST_LIMIT_WINDOW_SECONDS=3 # 3 seconds
+POST_LIMIT=1
+# POST_LIMIT_WINDOW=86400 # 24 hours
+# POST_LIMIT=50
diff --git a/server/prisma/dev.db b/server/prisma/dev.db
index 0fc7f04..82933cb 100644
Binary files a/server/prisma/dev.db and b/server/prisma/dev.db differ
diff --git a/server/server.ts b/server/server.ts
index b436b42..552569c 100644
--- a/server/server.ts
+++ b/server/server.ts
@@ -24,9 +24,8 @@ if (process.env.ENVIRONMENT == "dev") {
 // Apply rate limiting
 const postLimiter = rateLimit({
- windowMs: 5000, // 1 day
- // windowMs: 1000 * 60 * 60 * 24, // 1 day
- max: 1, // Limit each IP to 50 requests per window
+ windowMs: parseInt(process.env.POST_LIMIT_WINDOW_SECONDS as string) * 1000,
+ max: parseInt(process.env.POST_LIMIT as string), // Limit each IP to X requests per window
 standardHeaders: true, // Return rate limit info in the `RateLimit-*` headers
 legacyHeaders: false, // Disable the `X-RateLimit-*` headers
 });
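Review bot: The commented-out 24-hour settings in the `server/.env` hunk name the window variable `POST_LIMIT_WINDOW`, but the new code in `server/server.ts` reads `POST_LIMIT_WINDOW_SECONDS`. Anyone who switches to those values by uncommenting the two lines would set a variable the server never reads. The limiter would then keep the 3-second window, or get no window at all if the active pair is deleted. Rename the commented line to `# POST_LIMIT_WINDOW_SECONDS=86400 # 24 hours` so both blocks use the name the code expects.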
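Review bot: In the `server/server.ts` hunk, both `parseInt(process.env.… as string)` calls use the `as string` cast to hide a value that may be undefined. A missing or misspelled `POST_LIMIT_WINDOW_SECONDS` or `POST_LIMIT` therefore produces `NaN` for `windowMs` or `max` with no error at startup. How the limiter treats `NaN` is not visible in this diff and may depend on the library version, so the POST rate limit could be silently ineffective. Parse with an explicit radix and refuse to boot on a missing, non-integer or non-positive value, as sketched below.

```typescript
// Fail at startup instead of handing NaN to the limiter when a variable is missing or malformed.
function requirePositiveInt(name: string): number {
  const value = Number.parseInt(process.env[name] ?? "", 10);
  if (!Number.isInteger(value) || value <= 0) {
    throw new Error(`${name} must be a positive integer`);
  }
  return value;
}

const postLimiter = rateLimit({
  windowMs: requirePositiveInt("POST_LIMIT_WINDOW_SECONDS") * 1000,
  max: requirePositiveInt("POST_LIMIT"), // Limit each IP to POST_LIMIT requests per window
  // … unchanged: standardHeaders / legacyHeaders …
});
```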