diff --git a/apps/backend/src/app.module.ts b/apps/backend/src/app.module.ts
index a579ad0..0759ac0 100644
--- a/apps/backend/src/app.module.ts
+++ b/apps/backend/src/app.module.ts
@@ -30,9 +30,10 @@ import { SmsModule } from './sms/sms.module';
 synchronize: process.env.NODE_ENV !== 'production', // Set to false in production
 }),
 ThrottlerModule.forRoot({
+ ignoreUserAgents: [/googlebot/i, /bingbot/i],
 throttlers: [
 {
- limit: 1000,
+ limit: 100,
 ttl: 60000, // 1 minute
 },
 ],
@@ -51,4 +52,4 @@ import { SmsModule } from './sms/sms.module';
 controllers: [AppController],
 providers: [AppService],
 })
-export class AppModule {}
+export class AppModule { }
diff --git a/apps/backend/src/sms/sms.controller.ts b/apps/backend/src/sms/sms.controller.ts
index d5d688a..1a22ee6 100644
--- a/apps/backend/src/sms/sms.controller.ts
+++ b/apps/backend/src/sms/sms.controller.ts
@@ -1,6 +1,7 @@
-import { Body, Controller, Post } from '@nestjs/common';
+import { Body, Controller, Post, UseGuards } from '@nestjs/common';
 import { SendLoginSmsDto } from './dto/send-login-sms.dto';
 import { SmsService } from './sms.service';
+import { Throttle, ThrottlerGuard } from '@nestjs/throttler';
 @Controller('sms')
 export class SmsController {
@@ -8,6 +9,8 @@ export class SmsController {
 constructor(private readonly smsService: SmsService) { }
 @Post('send/login')
+ @UseGuards(ThrottlerGuard)
+ @Throttle({ sms_login: { limit: 10, ttl: 60000 } })
 async sendLoginSms(@Body() dto: SendLoginSmsDto) {
 await this.smsService.sendSms(dto.phone, 'login');
 return null;
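Review bot: `ignoreUserAgents: [/googlebot/i, /bingbot/i]` in the first hunk of `app.module.ts` exempts requests from throttling based on a header the client supplies, so the lowered `limit: 100` does not bind any caller whose User-Agent matches. The exemption is module-wide, so it presumably also covers the `sms/send/login` route that this commit puts behind `ThrottlerGuard`. I would drop the option. If crawler traffic really needs an exemption, decide it on something the client cannot set, such as a reverse-DNS-verified crawler address checked in a custom guard, and scope it away from the SMS endpoint. If the line stays, it should carry a comment such as `// User-Agent is client-controlled: this is a convenience exemption, not a trust decision`. The `@Module` decorator body starts and ends outside the hunk.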
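Review bot: The `@Throttle({ sms_login: { limit: 10, ttl: 60000 } })` override on `sendLoginSms` uses a throttler name that the visible `ThrottlerModule.forRoot` config never registers; its only throttler is unnamed, which I believe makes it `default`. As far as I know, `ThrottlerGuard` only applies a per-route override to a configured throttler of the same name, so if that holds for the installed version the route silently keeps the global 100 per minute. `@Throttle({ default: { limit: 10, ttl: 60000 } })` would apply the intended limit; worth confirming with a test that the 11th request in a minute is rejected. Separately, the guard's default tracker is the client address, so this does not cap how many messages one phone number can receive; a per-`dto.phone` cooldown in `SmsService.sendSms` would cover that. The class body continues outside the hunk.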