diff --git a/README.md b/README.md
index 219bbb2ddeeb4fdbc150ced1eef4eb1efe750077..56e16fc68a54ece08df281ab99cc2d03d13b20e8 100644
--- a/README.md
+++ b/README.md
@@ -14,6 +14,9 @@ providing web services on a **single host**.
* Automatic creation/renewal of Let's Encrypt certificates (HTTP challenge).
* Provision of the following basic Middlewares:
* RedirectScheme: Redirect from HTTP to HTTPS
+ * RateLimit: Limit to a _fair_ amount of requests
+ * average: 100 requests per second
+ * burst: 50 requests (per second)
* Headers: HTTP Strict Transport Security with long duration
* Provision of three configurations (modern, intermediate [default], old) for
TLS.
diff --git a/config/files/middlewares_basic.toml b/config/files/middlewares_basic.toml
index 2dcfde486b81a402244a09341835a2d88c2e9451..f8a6adb849b575ba0b68bd1918b07048d5be211e 100644
--- a/config/files/middlewares_basic.toml
+++ b/config/files/middlewares_basic.toml
@@ -2,6 +2,12 @@
[http.middlewares]
[http.middlewares.http2https.redirectScheme]
scheme = "https"
+ [http.middlewares.ratelimit.rateLimit]
+ average = 100
+ burst = 50
+ [http.middlewares.ratelimit.rateLimit.sourceCriterion]
+ [http.middlewares.ratelimit.rateLimit.sourceCriterion.ipStrategy]
+ depth = 1
[http.middlewares.sts.headers]
forceSTSHeader = true
stsSeconds = 31536000
diff --git a/sample.docker-compose.yml b/sample.docker-compose.yml
index 7a35789410aee83a369860a94556355a7dadac5d..c5965eb6bb4bf914bf2fa49b171cdea52f02a108 100644
--- a/sample.docker-compose.yml
+++ b/sample.docker-compose.yml
@@ -52,7 +52,7 @@ services:
# - traefik.http.routers.whoami-sec.entrypoints=websecure
# - traefik.http.routers.whoami-sec.rule=Host(`whoami.mydomain.com`)
# - traefik.http.routers.whoami-sec.tls.certresolver=mydomain-com
-# - traefik.http.routers.whoami-sec.middlewares=sts@file,security@file
+# - traefik.http.routers.whoami-sec.middlewares=ratelimit@file,sts@file,security@file
networks:
webproxy: