How would you design a rate-limiting service to protect Frontdoor's public APIs from abuse while ensuring legitimate traffic is unaffected?