diff --git a/scripts/Caddyfile b/scripts/Caddyfile
index 889a9a4..a7a23ee 100644
--- a/scripts/Caddyfile
+++ b/scripts/Caddyfile
@@ -53,14 +53,22 @@ yourdomain.com {
 # Rate limiting for API endpoints (requires caddy-ratelimit plugin)
 # General API rate limiting: 30 requests per minute
 @api path /api/*
- rate_limit @api 30r/m
+ rate_limit @api {
+ key {remote_host}
+ rate 30
+ window 1m
+ }
 # Submission rate limiting: 5 requests per minute
 @submit {
 path /api/locations
 method POST
 }
- rate_limit @submit 5r/m
+ rate_limit @submit {
+ key {remote_host}
+ rate 5
+ window 1m
+ }
 }
 # Redirect www to non-www (with HTTPS)
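Review bot: Both new blocks key the limiter on `{remote_host}`, which is the address of the directly connected peer, so if this site is ever placed behind a CDN or load balancer every client falls into one shared bucket and the 5-per-minute submission limit becomes a site-wide cap that a single sender can use up. If a proxy sits in front, `key {client_ip}` together with a `trusted_proxies` setting in the global `servers` options would be the safer choice; if Caddy is the edge, a comment such as `# keyed on peer IP; switch to {client_ip} + trusted_proxies if proxied` records the assumption. The `rate`/`window` subdirectives also differ from the `zone`/`events`/`window` form that mholt/caddy-ratelimit documents, and the existing comment does not say which plugin build is meant, so it is worth running `caddy validate` against the binary that is actually deployed. A POST to /api/locations matches both `@api` and `@submit`; the site block starts outside the hunk, so whether the two limits combine as intended cannot be confirmed from the lines shown.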