diff --git a/app/controllers/api/databases.php b/app/controllers/api/databases.php
index 5a125dd480..eb76245ae4 100644
--- a/app/controllers/api/databases.php
+++ b/app/controllers/api/databases.php
@@ -1802,6 +1802,8 @@ App::post('/v1/databases/:databaseId/collections/:collectionId/documents')
     ->label('audits.resource', 'database/{request.databaseId}/collection/{request.collectionId}')
     ->label('usage.metric', 'documents.{scope}.requests.create')
     ->label('usage.params', ['databaseId:{request.databaseId}', 'collectionId:{request.collectionId}'])
+    ->label('abuse-limit', 120)
+    ->label('abuse-time', 60)
     ->label('sdk.auth', [APP_AUTH_TYPE_SESSION, APP_AUTH_TYPE_KEY, APP_AUTH_TYPE_JWT])
     ->label('sdk.namespace', 'databases')
     ->label('sdk.method', 'createDocument')
@@ -2191,6 +2193,8 @@ App::patch('/v1/databases/:databaseId/collections/:collectionId/documents/:docum
     ->label('audits.resource', 'database/{request.databaseId}/collection/{request.collectionId}/document/{response.$id}')
     ->label('usage.metric', 'documents.{scope}.requests.update')
     ->label('usage.params', ['databaseId:{request.databaseId}', 'collectionId:{request.collectionId}'])
+    ->label('abuse-limit', 60)
+    ->label('abuse-time', 60)
     ->label('sdk.auth', [APP_AUTH_TYPE_SESSION, APP_AUTH_TYPE_KEY, APP_AUTH_TYPE_JWT])
     ->label('sdk.namespace', 'databases')
     ->label('sdk.method', 'updateDocument')
@@ -2320,6 +2324,8 @@ App::delete('/v1/databases/:databaseId/collections/:collectionId/documents/:docu
     ->label('audits.resource', 'database/{request.databaseId}/collection/{request.collectionId}/document/{request.documentId}')
     ->label('usage.metric', 'documents.{scope}.requests.delete')
     ->label('usage.params', ['databaseId:{request.databaseId}', 'collectionId:{request.collectionId}'])
+    ->label('abuse-limit', 60)
+    ->label('abuse-time', 60)
     ->label('sdk.auth', [APP_AUTH_TYPE_SESSION, APP_AUTH_TYPE_KEY, APP_AUTH_TYPE_JWT])
     ->label('sdk.namespace', 'databases')
     ->label('sdk.method', 'deleteDocument')
diff --git a/app/controllers/api/storage.php b/app/controllers/api/storage.php
index 89628077fe..f8b0630a7d 100644
--- a/app/controllers/api/storage.php
+++ b/app/controllers/api/storage.php
@@ -326,6 +326,8 @@ App::post('/v1/storage/buckets/:bucketId/files')
     ->label('audits.resource', 'files/{response.$id}')
     ->label('usage.metric', 'files.{scope}.requests.create')
     ->label('usage.params', ['bucketId:{request.bucketId}'])
+    ->label('abuse-limit', 60)
+    ->label('abuse-time', 60)
     ->label('sdk.auth', [APP_AUTH_TYPE_SESSION, APP_AUTH_TYPE_KEY, APP_AUTH_TYPE_JWT])
     ->label('sdk.namespace', 'storage')
     ->label('sdk.method', 'createFile')
@@ -1204,6 +1206,8 @@ App::put('/v1/storage/buckets/:bucketId/files/:fileId')
     ->label('audits.resource', 'files/{response.$id}')
     ->label('usage.metric', 'files.{scope}.requests.update')
     ->label('usage.params', ['bucketId:{request.bucketId}'])
+    ->label('abuse-limit', 60)
+    ->label('abuse-time', 60)
     ->label('sdk.auth', [APP_AUTH_TYPE_SESSION, APP_AUTH_TYPE_KEY, APP_AUTH_TYPE_JWT])
     ->label('sdk.namespace', 'storage')
     ->label('sdk.method', 'updateFile')
@@ -1303,6 +1307,8 @@ App::delete('/v1/storage/buckets/:bucketId/files/:fileId')
     ->label('audits.resource', 'file/{request.fileId}')
     ->label('usage.metric', 'files.{scope}.requests.delete')
     ->label('usage.params', ['bucketId:{request.bucketId}'])
+    ->label('abuse-limit', 60)
+    ->label('abuse-time', 60)
     ->label('sdk.auth', [APP_AUTH_TYPE_SESSION, APP_AUTH_TYPE_KEY, APP_AUTH_TYPE_JWT])
     ->label('sdk.namespace', 'storage')
     ->label('sdk.method', 'deleteFile')