blackjack fix exploit

2023-02-27 07:33:45 +02:00 · 2023-02-27 07:33:45 +02:00 · 17bb6dad48
parent 6e200d332e
commit 17bb6dad48
23 changed files with 182 additions and 182 deletions
--- a/files/routes/admin.py
+++ b/files/routes/admin.py
@ -76,7 +76,7 @@ def edit_rules_get(v):


@app.post('/admin/edit_rules')
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit("30/minute;200/hour;1000/day")
@limiter.limit("30/minute;200/hour;1000/day", key_func=get_ID)
@admin_level_required(PERMS['EDIT_RULES'])
@ -95,7 +95,7 @@ def edit_rules_post(v):
 	return render_template('admin/edit_rules.html', v=v, rules=rules, msg='Rules edited successfully!')

@app.post("/@<username>/make_admin")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@admin_level_required(PERMS['ADMIN_ADD'])
@ -118,7 +118,7 @@ def make_admin(v:User, username):


@app.post("/@<username>/remove_admin")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@admin_level_required(PERMS['ADMIN_REMOVE'])
@ -147,7 +147,7 @@ def remove_admin(v:User, username):
 	return {"message": f"@{user.username} has been removed as admin!"}

@app.post("/distribute/<int:option_id>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@admin_level_required(PERMS['POST_BETS_DISTRIBUTE'])
@ -206,7 +206,7 @@ def distribute(v:User, option_id):
 	return {"message": f"Each winner has received {coinsperperson} coins!"}

@app.post("/@<username>/revert_actions")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@admin_level_required(PERMS['ADMIN_ACTIONS_REVERT'])
@ -356,7 +356,7 @@ def admin_home(v):
 	return render_template("admin/admin_home.html", v=v)

@app.post("/admin/site_settings/<setting>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@admin_level_required(PERMS['SITE_SETTINGS'])
@ -385,7 +385,7 @@ def change_settings(v:User, setting):
 	return {'message': f"{setting.replace('_', ' ').title()} {word}d successfully!"}

@app.post("/admin/clear_cloudflare_cache")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@admin_level_required(PERMS['SITE_CACHE_PURGE_CDN'])
@ -423,7 +423,7 @@ def badge_grant_get(v):

@app.post("/admin/badge_grant")
@feature_required('BADGES')
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@admin_level_required(PERMS['USER_BADGES'])
@ -485,7 +485,7 @@ def badge_grant_post(v):

@app.post("/admin/badge_remove")
@feature_required('BADGES')
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@admin_level_required(PERMS['USER_BADGES'])
@ -637,7 +637,7 @@ def admin_view_alts(v:User, username=None):
 	return render_template('admin/alts.html', v=v, u=u, alts=u.alts if u else None)

@app.post('/@<username>/alts/')
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@admin_level_required(PERMS['USER_LINK'])
@ -673,7 +673,7 @@ def admin_add_alt(v:User, username):
 	return {"message": f"Linked @{user1.username} and @{user2.username} successfully!"}

@app.post('/@<username>/alts/<int:other>/deleted')
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@admin_level_required(PERMS['USER_LINK'])
@ -740,7 +740,7 @@ def admin_removed_comments(v):
 						)

@app.post("/unagendaposter/<id>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@admin_level_required(PERMS['USER_AGENDAPOSTER'])
@ -781,7 +781,7 @@ def unagendaposter(id, v):


@app.post("/shadowban/<int:user_id>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@admin_level_required(PERMS['USER_SHADOWBAN'])
@ -817,7 +817,7 @@ def shadowban(user_id, v):
 	return {"message": f"@{user.username} has been shadowbanned!"}

@app.post("/unshadowban/<int:user_id>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@admin_level_required(PERMS['USER_SHADOWBAN'])
@ -845,7 +845,7 @@ def unshadowban(user_id, v):


@app.post("/admin/title_change/<int:user_id>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@admin_level_required(PERMS['USER_TITLE_CHANGE'])
@ -890,7 +890,7 @@ def admin_title_change(user_id, v):
 	return {"message": f"@{user.username}'s flair has been changed!"}

@app.post("/ban_user/<id>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@admin_level_required(PERMS['USER_BAN'])
@ -983,7 +983,7 @@ def ban_user(id, v):


@app.post("/agendaposter/<id>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@admin_level_required(PERMS['USER_AGENDAPOSTER'])
@ -1079,7 +1079,7 @@ def agendaposter(id, v):


@app.post("/unban_user/<id>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@admin_level_required(PERMS['USER_BAN'])
@ -1125,7 +1125,7 @@ def unban_user(id, v):
 	return {"message": f"@{user.username} has been unbanned!"}

@app.post("/mute_user/<int:user_id>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@admin_level_required(PERMS['USER_BAN'])
@ -1147,7 +1147,7 @@ def mute_user(v:User, user_id):


@app.post("/unmute_user/<int:user_id>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@admin_level_required(PERMS['USER_BAN'])
@ -1167,7 +1167,7 @@ def unmute_user(v:User, user_id):
 	return {"message": f"@{user.username} has been unmuted!"}

@app.post("/admin/progstack/post/<int:post_id>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@admin_level_required(PERMS['PROGSTACK'])
@ -1188,7 +1188,7 @@ def progstack_post(post_id, v):
 	return {"message": "Progressive stack applied on post!"}

@app.post("/admin/unprogstack/post/<int:post_id>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@admin_level_required(PERMS['PROGSTACK'])
@ -1207,7 +1207,7 @@ def unprogstack_post(post_id, v):
 	return {"message": "Progressive stack removed from post!"}

@app.post("/admin/progstack/comment/<int:comment_id>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@admin_level_required(PERMS['PROGSTACK'])
@ -1228,7 +1228,7 @@ def progstack_comment(comment_id, v):
 	return {"message": "Progressive stack applied on comment!"}

@app.post("/admin/unprogstack/comment/<int:comment_id>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@admin_level_required(PERMS['PROGSTACK'])
@ -1247,7 +1247,7 @@ def unprogstack_comment(comment_id, v):
 	return {"message": "Progressive stack removed from comment!"}

@app.post("/remove_post/<int:post_id>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
@ -1277,7 +1277,7 @@ def remove_post(post_id, v):


@app.post("/approve_post/<int:post_id>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
@ -1310,7 +1310,7 @@ def approve_post(post_id, v):


@app.post("/distinguish/<int:post_id>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@admin_level_required(PERMS['POST_COMMENT_DISTINGUISH'])
@ -1340,7 +1340,7 @@ def distinguish_post(post_id, v):

@app.post("/sticky/<int:post_id>")
@feature_required('PINS')
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
@ -1386,7 +1386,7 @@ def sticky_post(post_id, v):


@app.post("/unsticky/<int:post_id>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
@ -1417,7 +1417,7 @@ def unsticky_post(post_id, v):
 	return {"message": "Post unpinned!"}

@app.post("/sticky_comment/<int:cid>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
@ -1455,7 +1455,7 @@ def sticky_comment(cid, v):


@app.post("/unsticky_comment/<int:cid>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
@ -1489,7 +1489,7 @@ def unsticky_comment(cid, v):


@app.post("/remove_comment/<int:c_id>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
@ -1511,7 +1511,7 @@ def remove_comment(c_id, v):


@app.post("/approve_comment/<int:c_id>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
@ -1539,7 +1539,7 @@ def approve_comment(c_id, v):


@app.post("/distinguish_comment/<int:c_id>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@admin_level_required(PERMS['POST_COMMENT_DISTINGUISH'])
@ -1577,7 +1577,7 @@ def admin_banned_domains(v):
 		banned_domains=banned_domains)

@app.post("/admin/ban_domain")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@admin_level_required(PERMS['DOMAINS_BAN'])
@ -1610,7 +1610,7 @@ def ban_domain(v):


@app.post("/admin/unban_domain/<path:domain>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@admin_level_required(PERMS['DOMAINS_BAN'])
@ -1631,7 +1631,7 @@ def unban_domain(v:User, domain):


@app.post("/admin/nuke_user")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
@ -1666,7 +1666,7 @@ def admin_nuke_user(v):


@app.post("/admin/unnuke_user")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
@ -1702,7 +1702,7 @@ def admin_nunuke_user(v):
 	return {"message": f"@{user.username}'s content has been approved!"}

@app.post("/blacklist/<int:user_id>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@admin_level_required(PERMS['USER_BLACKLIST'])
@ -1724,7 +1724,7 @@ def blacklist_user(user_id, v):
 	return {"message": f"@{user.username} has been blacklisted from restricted holes!"}

@app.post("/unblacklist/<int:user_id>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@admin_level_required(PERMS['USER_BLACKLIST'])
@ -1754,7 +1754,7 @@ def delete_media_get(v):
 	return render_template("admin/delete_media.html", v=v)

@app.post("/admin/delete_media")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@admin_level_required(PERMS['DELETE_MEDIA'])
--- a/files/routes/allroutes.py
+++ b/files/routes/allroutes.py
@ -58,8 +58,8 @@ def after_request(response:Response):
 	if response.status_code < 400:
 		_commit_and_close_db()

-	if request.method == "POST":
-		r.delete(f'LIMITER/{get_CF()}/{request.endpoint}:{request.path}/1/2/second')
+	if request.method == "POST" and not request.path.startswith('/casino/twentyone/'):
+		r.delete(f'LIMITER/{get_CF()}/{request.endpoint}:{request.path}/1/1/second')

 	return response

--- a/files/routes/asset_submissions.py
+++ b/files/routes/asset_submissions.py
@ -34,7 +34,7 @@ def submit_marseys(v:User):


@app.post("/submit/marseys")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -109,7 +109,7 @@ def verify_permissions_and_get_asset(cls, asset_type:str, v:User, name:str, make
 	return asset

@app.post("/admin/approve/marsey/<name>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@admin_level_required(PERMS['MODERATE_PENDING_SUBMITTED_ASSETS'])
@ -209,7 +209,7 @@ def remove_asset(cls, type_name:str, v:User, name:str) -> dict[str, str]:
 	return {"message": f"'{name}' removed!"}

@app.post("/remove/marsey/<name>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -228,7 +228,7 @@ def submit_hats(v:User):


@app.post("/submit/hats")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -292,7 +292,7 @@ def submit_hat(v:User):


@app.post("/admin/approve/hat/<name>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit("120/minute;200/hour;1000/day")
@limiter.limit("120/minute;200/hour;1000/day", key_func=get_ID)
@admin_level_required(PERMS['MODERATE_PENDING_SUBMITTED_ASSETS'])
@ -364,7 +364,7 @@ def approve_hat(v, name):
 	return {"message": f"'{hat.name}' approved!"}

@app.post("/remove/hat/<name>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -391,7 +391,7 @@ def update_marseys(v):


@app.post("/admin/update/marseys")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@admin_level_required(PERMS['UPDATE_ASSETS'])
@ -452,7 +452,7 @@ def update_hats(v):


@app.post("/admin/update/hats")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@admin_level_required(PERMS['UPDATE_ASSETS'])
--- a/files/routes/awards.py
+++ b/files/routes/awards.py
@ -47,7 +47,7 @@ def shop(v:User):


@app.post("/buy/<award>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit("100/minute;200/hour;1000/day")
@limiter.limit("100/minute;200/hour;1000/day", key_func=get_ID)
@auth_required
@ -129,7 +129,7 @@ def buy(v:User, award):
 	return {"message": f"{award_title} award bought!"}

@app.post("/award/<thing_type>/<int:id>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@is_not_permabanned
--- a/files/routes/casino.py
+++ b/files/routes/casino.py
@ -80,7 +80,7 @@ def lottershe(v:User):

 # Slots
@app.post("/casino/slots")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(CASINO_RATELIMIT)
@limiter.limit(CASINO_RATELIMIT, key_func=get_ID)
@auth_required
@ -113,7 +113,7 @@ def pull_slots(v:User):

 # 21
@app.post("/casino/twentyone/deal")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(CASINO_RATELIMIT)
@limiter.limit(CASINO_RATELIMIT, key_func=get_ID)
@auth_required
@ -134,7 +134,7 @@ def blackjack_deal_to_player(v:User):


@app.post("/casino/twentyone/hit")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(CASINO_RATELIMIT)
@limiter.limit(CASINO_RATELIMIT, key_func=get_ID)
@auth_required
@ -151,7 +151,7 @@ def blackjack_player_hit(v:User):


@app.post("/casino/twentyone/stay")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(CASINO_RATELIMIT)
@limiter.limit(CASINO_RATELIMIT, key_func=get_ID)
@auth_required
@ -168,7 +168,7 @@ def blackjack_player_stay(v:User):


@app.post("/casino/twentyone/double-down")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(CASINO_RATELIMIT)
@limiter.limit(CASINO_RATELIMIT, key_func=get_ID)
@auth_required
@ -185,7 +185,7 @@ def blackjack_player_doubled_down(v:User):


@app.post("/casino/twentyone/buy-insurance")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(CASINO_RATELIMIT)
@limiter.limit(CASINO_RATELIMIT, key_func=get_ID)
@auth_required
@ -215,7 +215,7 @@ def roulette_get_bets(v:User):


@app.post("/casino/roulette/place-bet")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(CASINO_RATELIMIT)
@limiter.limit(CASINO_RATELIMIT, key_func=get_ID)
@auth_required
--- a/files/routes/comments.py
+++ b/files/routes/comments.py
@ -83,7 +83,7 @@ def post_pid_comment_cid(cid, pid=None, anything=None, v=None, sub=None):
 		return render_template(template, v=v, p=post, sort=sort, comment_info=comment_info, render_replies=True, sub=post.subr)

@app.post("/comment")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit("20/minute;200/hour;1000/day")
@limiter.limit("20/minute;200/hour;1000/day", key_func=get_ID)
@auth_required
@ -377,7 +377,7 @@ def comment(v:User):
 	return {"comment": render_template("comments.html", v=v, comments=[c])}

@app.post("/edit_comment/<int:cid>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit("10/minute;100/hour;200/day")
@limiter.limit("10/minute;100/hour;200/day", key_func=get_ID)
@is_not_permabanned
@ -455,7 +455,7 @@ def edit_comment(cid, v):


@app.post("/delete/comment/<int:cid>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -478,7 +478,7 @@ def delete_comment(cid, v):
 	return {"message": "Comment deleted!"}

@app.post("/undelete/comment/<int:cid>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -500,7 +500,7 @@ def undelete_comment(cid, v):

@app.post("/pin_comment/<int:cid>")
@feature_required('PINS')
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -525,7 +525,7 @@ def pin_comment(cid, v):


@app.post("/unpin_comment/<int:cid>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -549,7 +549,7 @@ def unpin_comment(cid, v):


@app.post("/save_comment/<int:cid>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -567,7 +567,7 @@ def save_comment(cid, v):
 	return {"message": "Comment saved!"}

@app.post("/unsave_comment/<int:cid>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -604,7 +604,7 @@ def diff_words(answer, guess):


@app.post("/wordle/<int:cid>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -638,7 +638,7 @@ def handle_wordle_action(cid, v):

@app.post("/toggle_comment_nsfw/<int:cid>")
@feature_required('NSFW_MARKING')
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
--- a/files/routes/errors.py
+++ b/files/routes/errors.py
@ -62,7 +62,7 @@ def error_500(e):


@app.post("/allow_nsfw")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
 def allow_nsfw():
 	session["over_18"] = int(time.time()) + 3600
--- a/files/routes/groups.py
+++ b/files/routes/groups.py
@ -16,7 +16,7 @@ def ping_groups(v:User):
 	return render_template('groups.html', v=v, groups=groups, cost=GROUP_COST, msg=get_msg(), error=get_error())

@app.post("/create_group")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@is_not_permabanned
@ -55,7 +55,7 @@ def create_group(v):
 	return redirect(f'/ping_groups?msg=!{group} created successfully!')

@app.post("/!<group_name>/apply")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -71,7 +71,7 @@ def join_group(v:User, group_name):
 	return {"message": f"Application submitted to !{group}'s owner (@{group.owner.username}) successfully!"}

@app.post("/!<group_name>/leave")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -116,7 +116,7 @@ def memberships(v:User, group_name):
 	return render_template('group_memberships.html', v=v, group=group, members=members, applications=applications)

@app.post("/!<group_name>/<user_id>/approve")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -139,7 +139,7 @@ def group_approve(v:User, group_name, user_id):
 	return {"message": f'You have approved @{application.user.username} successfully!'}

@app.post("/!<group_name>/<user_id>/reject")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
--- a/files/routes/hats.py
+++ b/files/routes/hats.py
@ -29,7 +29,7 @@ def hats(v:User):
 	return render_template("hats.html", owned_hat_ids=owned_hat_ids, hats=hats, v=v, sales=sales, num_of_hats=num_of_hats)

@app.post("/buy_hat/<int:hat_id>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit('100/minute;1000/3 days')
@limiter.limit('100/minute;1000/3 days', key_func=get_ID)
@auth_required
@ -82,7 +82,7 @@ def buy_hat(v:User, hat_id):


@app.post("/equip_hat/<int:hat_id>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -99,7 +99,7 @@ def equip_hat(v:User, hat_id):
 	return {"message": f"'{hat.name}' equipped!"}

@app.post("/unequip_hat/<int:hat_id>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
--- a/files/routes/login.py
+++ b/files/routes/login.py
@ -39,7 +39,7 @@ def login_deduct_when(resp):
 	return g.login_failed

@app.post("/login")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@auth_desired
@limiter.limit("6/minute;10/day", deduct_when=login_deduct_when)
@ -139,7 +139,7 @@ def me(v:User):


@app.post("/logout")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -199,7 +199,7 @@ def sign_up_get(v:Optional[User]):


@app.post("/signup")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit("10/day")
@auth_desired
 def sign_up_post(v:Optional[User]):
@ -373,7 +373,7 @@ def get_forgot():


@app.post("/forgot")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
 def post_forgot():

@ -439,7 +439,7 @@ def get_reset():


@app.post("/reset")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@auth_desired
 def post_reset(v:Optional[User]):
@ -486,7 +486,7 @@ def lost_2fa(v:Optional[User]):
 	return render_template("login/lost_2fa.html", v=v)

@app.post("/lost_2fa")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit("6/minute;200/hour;1000/day")
 def lost_2fa_post():
 	username=request.values.get("username")
--- a/files/routes/lottery.py
+++ b/files/routes/lottery.py
@ -7,7 +7,7 @@ from files.routes.wrappers import *
 from files.__main__ import app, limiter

@app.post("/lottery/end")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@admin_level_required(PERMS['LOTTERY_ADMIN'])
@ -17,7 +17,7 @@ def lottery_end(v):


@app.post("/lottery/start")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@admin_level_required(PERMS['LOTTERY_ADMIN'])
@ -27,7 +27,7 @@ def lottery_start(v):


@app.post("/lottery/buy")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit("100/minute;500/hour;1000/day")
@limiter.limit("100/minute;500/hour;1000/day", key_func=get_ID)
@auth_required
--- a/files/routes/mail.py
+++ b/files/routes/mail.py
@ -10,7 +10,7 @@ from files.routes.users import claim_rewards
 from files.__main__ import app, limiter

@app.post("/verify_email")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
--- a/files/routes/notifications.py
+++ b/files/routes/notifications.py
@ -11,7 +11,7 @@ from files.routes.wrappers import *
 from files.__main__ import app

@app.post("/clear")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
--- a/files/routes/oauth.py
+++ b/files/routes/oauth.py
@ -18,7 +18,7 @@ def authorize_prompt(v:User):
 	return render_template("oauth.html", v=v, application=application)

@app.post("/authorize")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -39,7 +39,7 @@ def authorize(v):
 	return redirect(f"{application.redirect_uri}?token={access_token}")

@app.post("/rescind/<int:aid>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -52,7 +52,7 @@ def rescind(v, aid):


@app.post("/api_keys")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@is_not_permabanned
@ -94,7 +94,7 @@ def request_api_keys(v):


@app.post("/delete_app/<int:aid>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -118,7 +118,7 @@ def delete_oauth_app(v, aid):


@app.post("/edit_app/<int:aid>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@is_not_permabanned
@ -143,7 +143,7 @@ def edit_oauth_app(v, aid):


@app.post("/admin/app/approve/<int:aid>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@admin_level_required(PERMS['APPS_MODERATION'])
@ -181,7 +181,7 @@ def admin_app_approve(v, aid):


@app.post("/admin/app/revoke/<int:aid>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@admin_level_required(PERMS['APPS_MODERATION'])
@ -208,7 +208,7 @@ def admin_app_revoke(v, aid):


@app.post("/admin/app/reject/<int:aid>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@admin_level_required(PERMS['APPS_MODERATION'])
@ -298,7 +298,7 @@ def admin_apps_list(v):


@app.post("/reroll/<int:aid>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
--- a/files/routes/polls.py
+++ b/files/routes/polls.py
@ -6,7 +6,7 @@ from files.__main__ import app


@app.post("/vote/post/option/<int:option_id>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@is_not_permabanned
@ -88,7 +88,7 @@ def option_votes(option_id, v):


@app.post("/vote/comment/option/<int:option_id>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@is_not_permabanned
--- a/files/routes/posts.py
+++ b/files/routes/posts.py
@ -33,7 +33,7 @@ from files.__main__ import app, limiter
 titleheaders = {"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36"}

@app.post("/publish/<int:pid>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -256,7 +256,7 @@ def more_comments(v, cid):
 	return render_template("comments.html", v=v, comments=comments, p=p, render_replies=True)

@app.post("/edit_post/<int:pid>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit("10/minute;100/hour;200/day")
@limiter.limit("10/minute;100/hour;200/day", key_func=get_ID)
@is_not_permabanned
@ -478,7 +478,7 @@ def thumbnail_thread(pid:int, vid:int):


@app.post("/is_repost")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
 def is_repost():
 	not_a_repost = {'permalink': ''}
@ -524,7 +524,7 @@ def is_repost():

@app.post("/submit")
@app.post("/h/<sub>/submit")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(POST_RATELIMIT)
@limiter.limit(POST_RATELIMIT, key_func=get_ID)
@auth_required
@ -806,7 +806,7 @@ def submit_post(v:User, sub=None):
 		return {"post_id": post.id}

@app.post("/delete_post/<int:pid>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -834,7 +834,7 @@ def delete_post_pid(pid, v):
 	return {"message": "Post deleted!"}

@app.post("/undelete_post/<int:pid>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -858,7 +858,7 @@ def undelete_post_pid(pid, v):

@app.post("/mark_post_nsfw/<int:pid>")
@feature_required('NSFW_MARKING')
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -896,7 +896,7 @@ def mark_post_nsfw(pid, v):

@app.post("/unmark_post_nsfw/<int:pid>")
@feature_required('NSFW_MARKING')
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -933,7 +933,7 @@ def unmark_post_nsfw(pid, v):
 	return {"message": "Post has been unmarked as +18!"}

@app.post("/save_post/<int:pid>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -950,7 +950,7 @@ def save_post(pid, v):
 	return {"message": "Post saved!"}

@app.post("/unsave_post/<int:pid>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -966,7 +966,7 @@ def unsave_post(pid, v):
 	return {"message": "Post unsaved!"}

@app.post("/pin/<int:post_id>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
--- a/files/routes/push_notifs.py
+++ b/files/routes/push_notifs.py
@ -4,7 +4,7 @@ from flask import request, g
 from files.classes.push_subscriptions import PushSubscription

@app.post("/push_subscribe")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
--- a/files/routes/reporting.py
+++ b/files/routes/reporting.py
@ -12,7 +12,7 @@ from files.routes.wrappers import *
 from files.__main__ import app, limiter, cache

@app.post("/report/post/<int:pid>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -69,7 +69,7 @@ def flag_post(pid, v):


@app.post("/report/comment/<int:cid>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -96,7 +96,7 @@ def flag_comment(cid, v):


@app.post('/del_report/post/<int:pid>/<int:uid>')
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit("100/minute;300/hour;2000/day")
@limiter.limit("100/minute;300/hour;2000/day", key_func=get_ID)
@admin_level_required(PERMS['FLAGS_REMOVE'])
@ -121,7 +121,7 @@ def remove_report_post(v, pid, uid):


@app.post('/del_report/comment/<int:cid>/<int:uid>')
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit("100/minute;300/hour;2000/day")
@limiter.limit("100/minute;300/hour;2000/day", key_func=get_ID)
@admin_level_required(PERMS['FLAGS_REMOVE'])
--- a/files/routes/settings.py
+++ b/files/routes/settings.py
@ -51,7 +51,7 @@ def remove_background(v):
 	return {"message": "Background removed!"}

@app.post('/settings/custom_background')
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -76,7 +76,7 @@ def upload_custom_background(v):
 	return redirect('/settings/personal')

@app.post('/settings/profile_background')
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -108,7 +108,7 @@ def delete_profile_background(v):
 	return {"message": "Profile background removed!"}

@app.post("/settings/personal")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -366,7 +366,7 @@ def settings_personal_post(v):


@app.post("/settings/filters")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -395,7 +395,7 @@ def set_color(v:User, attr:str, color:Optional[str]):


@app.post("/settings/namecolor")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -403,7 +403,7 @@ def namecolor(v):
 	return set_color(v, "namecolor", request.values.get("namecolor"))

@app.post("/settings/themecolor")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -411,7 +411,7 @@ def themecolor(v):
 	return set_color(v, "themecolor", request.values.get("themecolor"))

@app.post("/settings/titlecolor")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -419,7 +419,7 @@ def titlecolor(v):
 	return set_color(v, "titlecolor", request.values.get("titlecolor"))

@app.post("/settings/verifiedcolor")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -428,7 +428,7 @@ def verifiedcolor(v):
 	return set_color(v, "verifiedcolor", request.values.get("verifiedcolor"))

@app.post("/settings/security")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -503,7 +503,7 @@ def settings_security_post(v):
 		return render_template("settings/security.html", v=v, msg="Two-factor authentication disabled!")

@app.post("/settings/log_out_all_others")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -520,7 +520,7 @@ def settings_log_out_others(v):


@app.post("/settings/images/profile")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -560,7 +560,7 @@ def settings_images_profile(v):

@app.post("/settings/images/banner")
@feature_required('USERS_PROFILE_BANNER')
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -589,7 +589,7 @@ def settings_css_get(v:User):
 	return render_template("settings/css.html", v=v, msg=get_msg(), profilecss=v.profilecss)

@app.post("/settings/css")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -602,7 +602,7 @@ def settings_css(v):
 	return render_template("settings/css.html", v=v, msg="Custom CSS successfully updated!", profilecss=v.profilecss)

@app.post("/settings/profilecss")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -629,7 +629,7 @@ def settings_security(v:User):
 						)

@app.post("/settings/block")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit("20/day")
@limiter.limit("20/day", key_func=get_ID)
@auth_required
@ -657,7 +657,7 @@ def settings_block_user(v):


@app.post("/settings/unblock")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -686,7 +686,7 @@ def settings_advanced_get(v:User):
 	return render_template("settings/advanced.html", v=v, msg=get_msg(), error=get_error())

@app.post("/settings/name_change")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@is_not_permabanned
@ -726,7 +726,7 @@ def settings_name_change(v):

@app.post("/settings/song_change_mp3")
@feature_required('USERS_PROFILE_SONG')
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit("10/day")
@limiter.limit("10/day", key_func=get_ID)
@auth_required
@ -791,7 +791,7 @@ def _change_song_youtube(vid, id):

@app.post("/settings/song_change")
@feature_required('USERS_PROFILE_SONG')
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit("10/day")
@limiter.limit("10/day", key_func=get_ID)
@auth_required
@ -843,7 +843,7 @@ def settings_song_change(v):
 	return redirect("/settings/personal?msg=Profile Anthem successfully updated. Wait 5 minutes for the change to take effect.")

@app.post("/settings/title_change")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -873,7 +873,7 @@ def settings_title_change(v):

@app.post("/settings/pronouns_change")
@feature_required('PRONOUNS')
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -900,7 +900,7 @@ def settings_pronouns_change(v):


@app.post("/settings/checkmark_text")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -915,7 +915,7 @@ def settings_checkmark_text(v):

 if IS_FISTMAS():
 	@app.post("/events/fistmas2022/darkmode")
-	@limiter.limit('1/2 second', scope=rpath)
+	@limiter.limit('1/second', scope=rpath)
 	@limiter.limit(DEFAULT_RATELIMIT)
 	@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
 	@auth_required
--- a/files/routes/static.py
+++ b/files/routes/static.py
@ -244,7 +244,7 @@ def contact(v:Optional[User]):
 	return render_template("contact.html", v=v, msg=get_msg())

@app.post("/contact")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit("1/minute;10/day")
@limiter.limit("1/minute;10/day", key_func=get_ID)
@auth_required
@ -343,7 +343,7 @@ def mobile_app(v:Optional[User]):
 	return render_template("app.html", v=v)

@app.post("/dismiss_mobile_tip")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
 def dismiss_mobile_tip():
 	session["tooltip_last_dismissed"] = int(time.time())
--- a/files/routes/subs.py
+++ b/files/routes/subs.py
@ -8,7 +8,7 @@ from .front import frontlist
 from files.__main__ import app, cache, limiter

@app.post("/exile/post/<int:pid>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@is_not_permabanned
@ -42,7 +42,7 @@ def exile_post(v:User, pid):
 	return {"message": f"@{u.username} has been exiled from /h/{sub} successfully!"}

@app.post("/exile/comment/<int:cid>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@is_not_permabanned
@ -76,7 +76,7 @@ def exile_comment(v:User, cid):
 	return {"message": f"@{u.username} has been exiled from /h/{sub} successfully!"}

@app.post("/h/<sub>/unexile/<int:uid>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@is_not_permabanned
@ -107,7 +107,7 @@ def unexile(v:User, sub, uid):
 	return redirect(f'/h/{sub}/exilees')

@app.post("/h/<sub>/block")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -121,7 +121,7 @@ def block_sub(v:User, sub):
 	return {"message": f"/h/{sub} blocked successfully!"}

@app.post("/h/<sub>/unblock")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -139,7 +139,7 @@ def unblock_sub(v:User, sub):
 	return {"message": f"/h/{sub.name} unblocked successfully!"}

@app.post("/h/<sub>/subscribe")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -153,7 +153,7 @@ def subscribe_sub(v:User, sub):
 	return {"message": f"/h/{sub} unblocked successfully!"}

@app.post("/h/<sub>/unsubscribe")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -166,7 +166,7 @@ def unsubscribe_sub(v:User, sub):
 	return {"message": f"/h/{sub} blocked successfully!"}

@app.post("/h/<sub>/follow")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -183,7 +183,7 @@ def follow_sub(v:User, sub):
 	return {"message": f"/h/{sub} followed successfully!"}

@app.post("/h/<sub>/unfollow")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -257,7 +257,7 @@ def sub_followers(v:User, sub):


@app.post("/h/<sub>/add_mod")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit("30/day")
@limiter.limit("30/day", key_func=get_ID)
@is_not_permabanned
@ -296,7 +296,7 @@ def add_mod(v:User, sub):
 	return redirect(f'/h/{sub}/mods')

@app.post("/h/<sub>/remove_mod")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@is_not_permabanned
@ -348,7 +348,7 @@ def create_sub(v):
 	return render_template("sub/create_hole.html", v=v, cost=HOLE_COST, error=get_error())

@app.post("/create_hole")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@is_not_permabanned
@ -384,7 +384,7 @@ def create_sub2(v):
 	return redirect(f'/h/{sub}')

@app.post("/kick/<int:pid>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@is_not_permabanned
@ -428,7 +428,7 @@ def sub_settings(v:User, sub):


@app.post('/h/<sub>/sidebar')
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@is_not_permabanned
@ -454,7 +454,7 @@ def post_sub_sidebar(v:User, sub):


@app.post('/h/<sub>/css')
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@is_not_permabanned
@ -496,7 +496,7 @@ def get_sub_css(sub):
 	return resp

@app.post("/h/<sub>/settings/banners/")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit("50/day")
@limiter.limit("50/day", key_func=get_ID)
@is_not_permabanned
@ -527,8 +527,8 @@ def upload_sub_banner(v:User, sub:str):
 	return redirect(f'/h/{sub}/settings')

@app.delete("/h/<sub>/settings/banners/<int:index>")
-@limiter.limit("1/2 second;30/day")
-@limiter.limit("1/2 second;30/day", key_func=get_ID)
+@limiter.limit("1/second;30/day")
+@limiter.limit("1/second;30/day", key_func=get_ID)
@is_not_permabanned
 def delete_sub_banner(v:User, sub:str, index:int):
 	sub = get_sub_by_name(sub)
@ -584,7 +584,7 @@ def delete_all_sub_banners(v:User, sub:str):
 	return {"message": f"Deleted all banners from /h/{sub} successfully"}

@app.post("/h/<sub>/sidebar_image")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit("10/day")
@limiter.limit("10/day", key_func=get_ID)
@is_not_permabanned
@ -616,7 +616,7 @@ def sub_sidebar(v:User, sub):
 	return redirect(f'/h/{sub}/settings')

@app.post("/h/<sub>/marsey_image")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit("10/day")
@limiter.limit("10/day", key_func=get_ID)
@is_not_permabanned
@ -658,7 +658,7 @@ def subs(v:User):
 	return render_template('sub/subs.html', v=v, subs=subs, total_users=total_users)

@app.post("/hole_pin/<int:pid>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@is_not_permabanned
@ -689,7 +689,7 @@ def hole_pin(v:User, pid):
 	return {"message": f"Post pinned to /h/{p.sub} successfully!"}

@app.post("/hole_unpin/<int:pid>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@is_not_permabanned
@ -721,7 +721,7 @@ def hole_unpin(v:User, pid):


@app.post('/h/<sub>/stealth')
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@is_not_permabanned
@ -756,7 +756,7 @@ def sub_stealth(v:User, sub):

@app.post("/mod_pin/<int:cid>")
@feature_required('PINS')
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@is_not_permabanned
@ -786,7 +786,7 @@ def mod_pin(cid, v):
 	return {"message": "Comment pinned!"}

@app.post("/unmod_pin/<int:cid>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@is_not_permabanned
--- a/files/routes/users.py
+++ b/files/routes/users.py
@ -315,7 +315,7 @@ def downvoting(v:User, username:str):

@app.post("/@<username>/suicide")
@feature_required('USERS_SUICIDE')
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit("5/day")
@limiter.limit("5/day", key_func=get_ID)
@auth_required
@ -376,7 +376,7 @@ def transfer_currency(v:User, username:str, currency_name:Literal['coins', 'mars
 	return {"message": f"{amount - tax} {currency_name} have been transferred to @{receiver.username}"}

@app.post("/@<username>/transfer_coins")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@is_not_permabanned
@ -385,7 +385,7 @@ def transfer_coins(v:User, username:str):

@app.post("/@<username>/transfer_bux")
@feature_required('MARSEYBUX')
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@is_not_permabanned
@ -477,7 +477,7 @@ def usersong(username:str):
 	else: abort(404)

@app.post("/subscribe/<int:post_id>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -489,7 +489,7 @@ def subscribe(v, post_id):
 	return {"message": "Subscribed to post successfully!"}

@app.post("/unsubscribe/<int:post_id>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -500,7 +500,7 @@ def unsubscribe(v, post_id):
 	return {"message": "Unsubscribed from post successfully!"}

@app.post("/@<username>/message")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit("10/minute;20/hour;50/day")
@limiter.limit("10/minute;20/hour;50/day", key_func=get_ID)
@is_not_permabanned
@ -563,7 +563,7 @@ def message2(v:User, username:str):


@app.post("/reply")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit("6/minute;50/hour;200/day")
@limiter.limit("6/minute;50/hour;200/day", key_func=get_ID)
@auth_required
@ -1085,7 +1085,7 @@ def u_user_id_info(id, v=None):
 	return user.json

@app.post("/follow/<username>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -1113,7 +1113,7 @@ def follow_user(username, v):
 	return {"message": f"@{target.username} has been followed!"}

@app.post("/unfollow/<username>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -1145,7 +1145,7 @@ def unfollow_user(username, v):
 	return {"message": f"@{target.username} has been unfollowed!"}

@app.post("/remove_follow/<username>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -1241,7 +1241,7 @@ def subscribed_posts(v:User, username):
 	return get_saves_and_subscribes(v, "userpage/submissions.html", Subscription, page, False)

@app.post("/fp/<fp>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
@ -1403,7 +1403,7 @@ if KOFI_TOKEN:
 		return ''

@app.post("/gumroad")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
 def gumroad():
 	data = request.values
@ -1436,7 +1436,7 @@ def gumroad():


@app.post("/settings/claim_rewards")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
--- a/files/routes/votes.py
+++ b/files/routes/votes.py
@ -195,7 +195,7 @@ def vote_post_comment(target_id, new, v, cls, vote_cls):


@app.post("/vote/post/<int:post_id>/<new>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit("60/minute;1000/hour;2000/day")
@limiter.limit("60/minute;1000/hour;2000/day", key_func=get_ID)
@is_not_permabanned
@ -203,7 +203,7 @@ def vote_post(post_id, new, v):
 	return vote_post_comment(post_id, new, v, Submission, Vote)

@app.post("/vote/comment/<int:comment_id>/<new>")
-@limiter.limit('1/2 second', scope=rpath)
+@limiter.limit('1/second', scope=rpath)
@limiter.limit("60/minute;1000/hour;2000/day")
@limiter.limit("60/minute;1000/hour;2000/day", key_func=get_ID)
@is_not_permabanned