In his latest post Joshua Thijssen introduces a new tool he's created to help Symfony2-based APIs handle rate limiting relatively easily: the RateLimit Bundle. The project was recently created as a part of some work he's been doing on the TechAnalyze service.
Too many times third party applications will be polling your API when they don’t really need too, and maybe you can lighten the load a bit with some heavy-duty caching, but in essence you want that every API call made matters. [...] Most of our calls are pretty lightweight, but some of them aren’t, nor are they easily cacheable. This is why we are limiting the number of calls each client can make to the API. But it wouldn’t be fair to just limit the number of calls in general.
[...] Our platform is written in PHP, based on the Symfony2 framework. There are many different bundles available for symfony2, all adding new functionality, but somehow we couldn’t find a (good) bundle for throttling our API. But after a search, we found a gist by Ruud Kamphuis, which pretty much does what we need. So we decided to set up a similar bundle, and added some flexibility in its usage.
The RateLimitBundle allows you to add a "@ratelimit" annotation directly to the controller or action in the application and adds remaining allowed calls to the response headers. The mentions some drawbacks to the bundle like a dependency on redis and how it figures out "distinct calls" to the API. He also breaks it down into the functional pieces and talks about how each one works and where it fits into the overall functionality.