diff --git a/app.js b/app.js index 67f0a498..c91c78d7 100644 --- a/app.js +++ b/app.js @@ -43,10 +43,12 @@ app.use(express.urlencoded({ extended: false })); app.use(cookieParser()); -app.use(csurf({ cookie: true })); +app.use(csurf({ + cookie: true +})); const limiter = rateLimit({ - windowMs: 60 * 1000, - max: 1000 + windowMs: 1000, + max: 25 * Math.max(3, configFunctions.getProperty("users.canLogin").length) }); app.use(limiter); const urlPrefix = configFunctions.getProperty("reverseProxy.urlPrefix"); diff --git a/app.ts b/app.ts index ebe51a7f..5602aeaa 100644 --- a/app.ts +++ b/app.ts @@ -23,7 +23,10 @@ import * as configFunctions from "./helpers/functions.config.js"; import * as dateTimeFns from "@cityssm/expressjs-server-js/dateTimeFns.js"; import * as stringFns from "@cityssm/expressjs-server-js/stringFns.js"; import * as htmlFns from "@cityssm/expressjs-server-js/htmlFns.js"; -import { version } from "./version.js"; + +import { + version +} from "./version.js"; import * as databaseInitializer from "./helpers/initializer.database.js"; @@ -49,7 +52,7 @@ const __dirname = "."; export const app = express(); if (!configFunctions.getProperty("reverseProxy.disableEtag")) { - app.set("etag", false); + app.set("etag", false); } // View engine setup @@ -57,22 +60,24 @@ app.set("views", path.join(__dirname, "views")); app.set("view engine", "ejs"); if (!configFunctions.getProperty("reverseProxy.disableCompression")) { - app.use(compression()); + app.use(compression()); } app.use((request, _response, next) => { - debugApp(`${request.method} ${request.url}`); - next(); + debugApp(`${request.method} ${request.url}`); + next(); }); app.use(express.json()); app.use(express.urlencoded({ - extended: false + extended: false })); app.use(cookieParser()); -app.use(csurf({ cookie: true })); +app.use(csurf({ + cookie: true +})); /* 
@@ -80,8 +85,8 @@ app.use(csurf({ cookie: true })); */ const limiter = rateLimit({ - windowMs: 60 * 1000, - max: 1000 + windowMs: 1000, + max: 25 * Math.max(3, configFunctions.getProperty("users.canLogin").length) }); app.use(limiter); @@ -95,22 +100,22 @@ app.use(limiter); const urlPrefix = configFunctions.getProperty("reverseProxy.urlPrefix"); if (urlPrefix !== "") { - debugApp("urlPrefix = " + urlPrefix); + debugApp("urlPrefix = " + urlPrefix); } app.use(urlPrefix, express.static(path.join("public"))); app.use(urlPrefix + "/lib/fa", - express.static(path.join("node_modules", "@fortawesome", "fontawesome-free"))); + express.static(path.join("node_modules", "@fortawesome", "fontawesome-free"))); app.use(urlPrefix + "/lib/cityssm-bulma-webapp-js", - express.static(path.join("node_modules", "@cityssm", "bulma-webapp-js"))); + express.static(path.join("node_modules", "@cityssm", "bulma-webapp-js"))); app.use(urlPrefix + "/lib/cityssm-bulma-js", - express.static(path.join("node_modules", "@cityssm", "bulma-js", "dist"))); + express.static(path.join("node_modules", "@cityssm", "bulma-js", "dist"))); app.use(urlPrefix + "/lib/leaflet", - express.static(path.join("node_modules", "leaflet", "dist"))); + express.static(path.join("node_modules", "leaflet", "dist"))); /* 
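Review bot: The new limiter `rateLimit({ windowMs: 1000, max: 25 * Math.max(3, ...) })` allows at least 75 requests per second per client, which is looser than the previous 1000 per minute, and because it is mounted with `app.use(limiter)` ahead of every route, the same budget applies to `urlPrefix + "/login"`. Scaling `max` by `users.canLogin.length` also raises the per-client ceiling as accounts are added, even though the limiter presumably keys on client address rather than on the user. I would keep this global limit for pages and assets and add a much stricter limiter on the login router only, e.g. `app.use(urlPrefix + "/login", rateLimit({ windowMs: 15 * 60 * 1000, max: 20 }), routerLogin);` (values are illustrative). If the app runs behind the reverse proxy that `reverseProxy.urlPrefix` suggests, confirm `trust proxy` is configured so the limiter does not count every client as one address. The `app.js` hunk carries the same change.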
@@ -123,40 +128,40 @@ const FileStoreSession = FileStore(session); // Initialize session app.use(session({ - store: new FileStoreSession({ - path: "./data/sessions", - logFn: debug("general-licence-manager:session"), - retries: 10 - }), - name: sessionCookieName, - secret: configFunctions.getProperty("session.secret"), - resave: true, - saveUninitialized: false, - rolling: true, - cookie: { - maxAge: configFunctions.getProperty("session.maxAgeMillis"), - sameSite: "strict" - } + store: new FileStoreSession({ + path: "./data/sessions", + logFn: debug("general-licence-manager:session"), + retries: 10 + }), + name: sessionCookieName, + secret: configFunctions.getProperty("session.secret"), + resave: true, + saveUninitialized: false, + rolling: true, + cookie: { + maxAge: configFunctions.getProperty("session.maxAgeMillis"), + sameSite: "strict" + } })); // Clear cookie if no corresponding session app.use((request, response, next) => { - if (request.cookies[sessionCookieName] && !request.session.user) { - response.clearCookie(sessionCookieName); - } + if (request.cookies[sessionCookieName] && !request.session.user) { + response.clearCookie(sessionCookieName); + } - next(); + next(); }); // Redirect logged in users const sessionChecker = (request: express.Request, response: express.Response, next: express.NextFunction) => { - if (request.session.user && request.cookies[sessionCookieName]) { - return next(); - } + if (request.session.user && request.cookies[sessionCookieName]) { + return next(); + } - return response.redirect(`${urlPrefix}/login?redirect=${request.originalUrl}`); + return response.redirect(`${urlPrefix}/login?redirect=${request.originalUrl}`); }; 
@@ -169,24 +174,24 @@ const sessionChecker = (request: express.Request, response: express.Response, ne app.use((request, response, next) => { - response.locals.buildNumber = version; + response.locals.buildNumber = version; - response.locals.user = request.session.user; - response.locals.csrfToken = request.csrfToken(); + response.locals.user = request.session.user; + response.locals.csrfToken = request.csrfToken(); - response.locals.configFunctions = configFunctions; - response.locals.dateTimeFunctions = dateTimeFns; - response.locals.stringFunctions = stringFns; - response.locals.htmlFunctions = htmlFns; + response.locals.configFunctions = configFunctions; + response.locals.dateTimeFunctions = dateTimeFns; + response.locals.stringFunctions = stringFns; + response.locals.htmlFunctions = htmlFns; - response.locals.urlPrefix = configFunctions.getProperty("reverseProxy.urlPrefix"); + response.locals.urlPrefix = configFunctions.getProperty("reverseProxy.urlPrefix"); - next(); + next(); }); app.get(urlPrefix + "/", sessionChecker, (_request, response) => { - response.redirect(urlPrefix + "/dashboard"); + response.redirect(urlPrefix + "/dashboard"); }); app.use(urlPrefix + "/dashboard", sessionChecker, routerDashboard); 
@@ -200,45 +205,46 @@ app.use(urlPrefix + "/reports", sessionChecker, routerReports); app.use(urlPrefix + "/admin", sessionChecker, routerAdmin); app.all(urlPrefix + "/keepAlive", (_request, response) => { - response.json(true); + response.json(true); }); app.use(urlPrefix + "/login", routerLogin); app.get(urlPrefix + "/logout", (request, response) => { - if (request.session.user && request.cookies[sessionCookieName]) { + if (request.session.user && request.cookies[sessionCookieName]) { - // eslint-disable-next-line unicorn/no-null - request.session.destroy(null); - request.session = undefined; - response.clearCookie(sessionCookieName); - response.redirect(urlPrefix + "/"); + // eslint-disable-next-line unicorn/no-null + request.session.destroy(null); + request.session = undefined; + response.clearCookie(sessionCookieName); + response.redirect(urlPrefix + "/"); - } else { - - response.redirect(urlPrefix + "/login"); - } + } else { + response.redirect(urlPrefix + "/login"); + } }); // Catch 404 and forward to error handler app.use((_request, _response, next) => { - next(createError(404)); + next(createError(404)); }); // Error handler -app.use((error: { status: number; message: string }, - request: express.Request, response: express.Response) => { +app.use((error: { + status: number;message: string + }, + request: express.Request, response: express.Response) => { - // Set locals, only providing error in development - response.locals.message = error.message; - response.locals.error = request.app.get("env") === "development" ? error : {}; + // Set locals, only providing error in development + response.locals.message = error.message; + response.locals.error = request.app.get("env") === "development" ? 
error : {}; - // Render the error page - response.status(error.status || 500); - response.render("error"); + // Render the error page + response.status(error.status || 500); + response.render("error"); }); -export default app; +export default app; \ No newline at end of file diff --git a/helpers/functions.fee.ts b/helpers/functions.fee.ts index c604e662..374ab884 100644 --- a/helpers/functions.fee.ts +++ b/helpers/functions.fee.ts @@ -1,4 +1,3 @@ -import e from "express"; import * as recordTypes from "../types/recordTypes"; diff --git a/public-scss/style.scss b/public-scss/style.scss index e67ff229..e12cb6ba 100644 --- a/public-scss/style.scss +++ b/public-scss/style.scss @@ -31,8 +31,7 @@ fieldset:enabled .is-hidden-enabled { pointer-events: none; } -// to fix page titles inside level components -// set on .level-left +// to fix page titles inside level components, set on .level-left .has-flex-shrink-1 { flex-shrink: 1; @@ -89,12 +88,10 @@ fieldset:enabled .is-hidden-enabled { } } - /* * SVG */ - .image svg { display: block; height: auto; @@ -117,22 +114,18 @@ fieldset:enabled .is-hidden-enabled { } } - /* * "Readonly" selects */ - - .select option:disabled { +.select option:disabled { display: none; - } - +} /* * Modal Size Fix */ - .modal-card { max-width: 100%; } \ No newline at end of file
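Review bot: The reformatted error handler at the end of the `app.ts` hunk still declares only three parameters (`error, request, response`), and Express recognises error-handling middleware by an arity of four, so this function is most likely never called for errors forwarded by `next(createError(404))`. Express's built-in final handler would answer instead, and outside production that handler writes the stack trace into the response, which bypasses the `development`-only check on `response.locals.error`. Add the fourth parameter even though it is unused: `request: express.Request, response: express.Response, _next: express.NextFunction) => {`. A one-line comment such as `// four parameters are required for Express to treat this as an error handler` would keep a later lint clean-up from removing it.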