> I understand that my popular service might bring your less popular one to the halt, but please configure it on your end so I know _programmatically_ what its capabilities are.

Quite entitled expectations for someone using a free and open service to underpin their project.

The requests were coming from distributed clients, not a central API gateway that could respond to rate limiting requests

> I host no API without rate-limiting. Additionally, clearly listing usage limits might be a good idea.

Again, this wasn’t a central, well-behaved client hitting the API from a couple of IPs or with a known API key.

They calculate that per every 1 user of the wlive.place website, they were getting 1500 requests. This implies a lot of botting and scripting.

This is basically load testing the web site at DDoS scale.

I think it’s reasonable to assume that a free service is not going to deal gracefully with your 100k rps hug of death. The fact that it actually did is an exception, not the rule.

If you are hitting anything free with more than 10rps (temporarily) you are an taking advantage in my opinion.