X-WS-RateLimit-Limit
The HTTP X-WS-RateLimit-Limit response header is an unofficial header used by WordPress.com infrastructure to communicate the maximum number of API requests allowed in the current rate limit window.
Note
The X- prefix for non-standard headers is
deprecated per RFC 6648.
Usage
WordPress.com and sites running on Automattic's infrastructure apply rate limiting to API and web requests. The X-WS-RateLimit-Limit header reports the ceiling for the current window: the total number of requests a client is permitted to make before the server begins refusing or throttling additional requests.
The header appears alongside X-WS-RateLimit-Remaining, which shows how many requests remain before the limit is reached. Together, these two headers give API clients a clear view of their current consumption relative to the allowed maximum.
This header follows the same pattern as the widely
adopted X-RateLimit-Limit,
but with the WS- prefix scoping the header to
WordPress.com's specific infrastructure. The "WS"
prefix relates to WordPress.com infrastructure.
Values
Numeric request ceiling
The value is a positive integer representing the
maximum requests permitted in a single rate limit
window. WordPress.com commonly sets this to 1000
for standard API consumers.
Example
A response from a WordPress.com endpoint shows the rate limit ceiling. This value means the client is permitted 1,000 requests within the current window.
X-WS-RateLimit-Limit: 1000
In practice, both rate limit headers appear together so API clients receive a complete picture of their current standing.
X-WS-RateLimit-Limit: 1000
X-WS-RateLimit-Remaining: 993
Takeaway
The X-WS-RateLimit-Limit header reports the maximum
number of requests allowed per window on WordPress.com
infrastructure. The value pairs with
X-WS-RateLimit-Remaining to give clients real-time
visibility into their rate limit consumption.