diff --git a/app/Providers/RouteServiceProvider.php b/app/Providers/RouteServiceProvider.php
index 9bcdc1f4682a..3a7364eda1ff 100644
--- a/app/Providers/RouteServiceProvider.php
+++ b/app/Providers/RouteServiceProvider.php
@@ -86,6 +86,10 @@ class RouteServiceProvider extends ServiceProvider
             }
         });
 
+        RateLimiter::for('honeypot', function (Request $request) {
+            return Limit::perMinute(2)->by($request->ip());
+        });
+
     }
 
     /**
diff --git a/routes/client.php b/routes/client.php
index ecb1dd11226f..1be22a18ca7f 100644
--- a/routes/client.php
+++ b/routes/client.php
@@ -141,6 +141,9 @@ Route::group(['middleware' => ['invite_db'], 'prefix' => 'client', 'as' => 'clie
 
 Route::get('phantom/{entity}/{invitation_key}', [Phantom::class, 'displayInvitation'])->middleware(['invite_db', 'phantom_secret'])->name('phantom_view');
 
+Route::get('.env', function () {
+})->middleware('throttle:honeypot');
+
 Route::fallback(function () {
 
     if (Ninja::isSelfHost() && Account::first()?->set_react_as_default_ap) {