diff --git a/conf/proxy-server-base.conf b/conf/proxy-server-base.conf
index fb2f3f962..96bde44e3 100644
--- a/conf/proxy-server-base.conf
+++ b/conf/proxy-server-base.conf
@@ -19,7 +19,7 @@ proxy_set_header Transfer-Encoding $http_transfer_encoding;
 location / {
 proxy_pass http://web_app_server;
- limit_req zone=webapp burst=25 nodelay;
+ limit_req zone=webapp;
 }
 location /realtime {
@@ -29,6 +29,9 @@ location /realtime {
 }
 location /v1/repositories/ {
+ # blacklisted for bad behavior 19FEB2015
+ deny 107.23.4.180;
+
 proxy_buffering off;
 proxy_request_buffering off;
@@ -39,7 +42,11 @@ location /v1/repositories/ {
 client_max_body_size 20G;
- limit_req zone=repositories burst=5 nodelay;
+ if ($http_authorization) {
+ limit_req zone=authrepositories
+ }
+
+ limit_req zone=unauthrepositories;
 }
 location /v1/ {
@@ -63,7 +70,7 @@ location /c1/ {
 proxy_read_timeout 2000;
 proxy_temp_path /var/log/nginx/proxy_temp 1 2;
- limit_req zone=api burst=5 nodelay;
+ limit_req zone=api;
 }
 location /static/ {
diff --git a/conf/rate-limiting.conf b/conf/rate-limiting.conf
index 3e2538510..d3f8a3cb3 100644
--- a/conf/rate-limiting.conf
+++ b/conf/rate-limiting.conf
@@ -1,7 +1,8 @@
 # vim: ft=nginx
 limit_req_zone $proxy_protocol_addr zone=webapp:10m rate=25r/s;
-limit_req_zone $proxy_protocol_addr zone=repositories:10m rate=1r/s;
+limit_req_zone $proxy_protocol_addr zone=authrepositories:10m rate=1r/s;
+limit_req_zone $proxy_protocol_addr zone=unauthrepositories:10m rate=2r/m;
 limit_req_zone $proxy_protocol_addr zone=api:10m rate=1r/s;
 limit_req_status 429;
 limit_req_log_level warn;
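Review bot: Dropping `burst=25 nodelay` from `limit_req zone=webapp;` leaves the default burst of 0, so any request that arrives sooner than the zone's per-request interval (40 ms at 25r/s) is rejected with the configured 429 instead of being absorbed. A browser loading a page normally issues several requests in parallel, so ordinary users are likely to see 429s on `/`; the same applies, more severely, to `limit_req zone=api;` in the `/c1/` hunk, where the zone rate is 1r/s. If the aim is to cap bursts from an abusive client, a smaller allowance such as `limit_req zone=webapp burst=10 nodelay;` keeps a hard ceiling without failing normal page loads, and a comment stating the intended ceiling would help the next reader.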
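Review bot: `deny 107.23.4.180;` is evaluated against `$remote_addr`, while the rate-limit zones in this same commit key on `$proxy_protocol_addr`, which suggests nginx sits behind a load balancer speaking PROXY protocol. Unless the realip module rewrites the client address (`real_ip_header proxy_protocol;` plus a `set_real_ip_from` for the balancer, neither visible here), `$remote_addr` is the balancer's address and this rule never matches. The rule also covers only `/v1/repositories/`, so the same client can still reach `/v1/` and `/`; if a full block is intended, the `deny` belongs at server level, and the comment should reference the incident or ticket so the entry can be reviewed and removed later. The location block continues past the end of this hunk.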
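Review bot: The new `if ($http_authorization)` block will not load: `limit_req zone=authrepositories` has no terminating `;`, and `limit_req` is only valid in http, server and location context, not inside `if`. Even if it did load, `limit_req zone=unauthrepositories;` sits outside the `if`, so authenticated requests would also be held to 2r/m. The usual way to split the limit is to select the zone key with `map`, because requests with an empty key are not counted against a zone; the sketch below does that across both files. The test is only for the presence of an Authorization header, which any client can send before the application has validated it, so the authenticated zone must still be a rate you are willing to grant an abusive client. The location block starts above this hunk.

```nginx
# conf/rate-limiting.conf: an empty key exempts the request from that zone
map $http_authorization $auth_limit_key {
    ""      "";
    default $proxy_protocol_addr;
}
map $http_authorization $unauth_limit_key {
    ""      $proxy_protocol_addr;
    default "";
}
limit_req_zone $auth_limit_key   zone=authrepositories:10m   rate=1r/s;
limit_req_zone $unauth_limit_key zone=unauthrepositories:10m rate=2r/m;

# conf/proxy-server-base.conf, inside location /v1/repositories/
# … unchanged: deny rule, proxy buffering, client_max_body_size …
limit_req zone=authrepositories;
limit_req zone=unauthrepositories;
```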
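Review bot: `rate=2r/m` on `unauthrepositories` with no burst allows one request per 30 seconds per source address, and every client behind the same NAT or outbound proxy shares that bucket, so the line deserves a comment recording the intent, for example `# anonymous registry access: 2 requests/minute per client address (see <ticket-id>)`. All of these zones key on `$proxy_protocol_addr`, which is empty on any connection that arrives without a PROXY protocol header, and nginx does not account requests whose key is empty. It is worth confirming that no listener accepts direct connections, otherwise none of the limits apply on that path.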