diff --git a/services/web/app/src/Features/Analytics/AnalyticsRouter.js b/services/web/app/src/Features/Analytics/AnalyticsRouter.js
index b4a8af81b9..90707a3eb7 100644
--- a/services/web/app/src/Features/Analytics/AnalyticsRouter.js
+++ b/services/web/app/src/Features/Analytics/AnalyticsRouter.js
@@ -1,22 +1,39 @@
 const AuthenticationController = require('./../Authentication/AuthenticationController')
 const AnalyticsController = require('./AnalyticsController')
 const AnalyticsProxy = require('./AnalyticsProxy')
+const RateLimiterMiddleware = require('./../Security/RateLimiterMiddleware')
 module.exports = {
 apply(webRouter, privateApiRouter, publicApiRouter) {
 webRouter.post(
 '/event/:event([a-z0-9-_]+)',
+ RateLimiterMiddleware.rateLimit({
+ endpointName: 'analytics-record-event',
+ maxRequests: 200,
+ timeInterval: 60,
+ }),
 AnalyticsController.recordEvent
 )
 webRouter.put(
 '/editingSession/:projectId',
+ RateLimiterMiddleware.rateLimit({
+ endpointName: 'analytics-update-editing-session',
+ params: ['projectId'],
+ maxRequests: 20,
+ timeInterval: 60,
+ }),
 AnalyticsController.updateEditingSession
 )
 publicApiRouter.use(
 '/analytics/uniExternalCollaboration',
 AuthenticationController.requirePrivateApiAuth(),
+ RateLimiterMiddleware.rateLimit({
+ endpointName: 'analytics-uni-external-collab-proxy',
+ maxRequests: 20,
+ timeInterval: 60,
+ }),
 AnalyticsProxy.call('/uniExternalCollaboration')
 )
 },
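Review bot: On the `publicApiRouter.use('/analytics/uniExternalCollaboration', …)` route the limiter is registered after `AuthenticationController.requirePrivateApiAuth()`, so requests that fail authentication presumably never reach it and repeated credential failures on this path are not throttled by this change. If that ordering is deliberate, a comment above the limiter would record it, e.g. `// limiter sits after auth on purpose: only authenticated callers consume the maxRequests budget`. What the limiter counts against is not visible in this hunk, and `/event/:event` and `/editingSession/:projectId` show no authentication middleware here. It is worth confirming that for anonymous requests the subject is something the client cannot vary freely, and that the client address is resolved correctly behind any reverse proxy. The closing brace of `module.exports` lies outside the hunk.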