Reuse the current IP-based limiter for read endpoints so public reads remain open but throttled, and add integration coverage plus docs updates for the expanded scope. Co-authored-by: Cursor <cursoragent@cursor.com>
Add explicit server timeout/header limits, require trusted proxy CIDRs when honoring forwarded IP headers, and document single-instance storage expectations. Co-authored-by: Cursor <cursoragent@cursor.com>