diff --git a/services/web/app/src/router.js b/services/web/app/src/router.js
index 34f10fc9b3..2e0a37427e 100644
--- a/services/web/app/src/router.js
+++ b/services/web/app/src/router.js
@@ -368,6 +368,14 @@ function initialize(webRouter, privateApiRouter, publicApiRouter) {
     CompileController.downloadPdf
   )
 
+  // Align with limits defined in CompileController.downloadPdf
+  const rateLimiterMiddlewareOutputFiles = RateLimiterMiddleware.rateLimit({
+    endpointName: 'misc-output-download',
+    params: ['Project_id'],
+    maxRequests: 1000,
+    timeInterval: 60 * 60
+  })
+
   // Used by the pdf viewers
   webRouter.get(
     /^\/project\/([^/]*)\/output\/(.*)$/,
@@ -379,6 +387,7 @@ function initialize(webRouter, privateApiRouter, publicApiRouter) {
       req.params = params
       next()
     },
+    rateLimiterMiddlewareOutputFiles,
     AuthorizationMiddleware.ensureUserCanReadProject,
     CompileController.getFileFromClsi
   )
@@ -394,6 +403,7 @@ function initialize(webRouter, privateApiRouter, publicApiRouter) {
       req.params = params
       next()
     },
+    rateLimiterMiddlewareOutputFiles,
     AuthorizationMiddleware.ensureUserCanReadProject,
     CompileController.getFileFromClsi
   )
@@ -410,6 +420,7 @@ function initialize(webRouter, privateApiRouter, publicApiRouter) {
       req.params = params
       next()
     },
+    rateLimiterMiddlewareOutputFiles,
     AuthorizationMiddleware.ensureUserCanReadProject,
     CompileController.getFileFromClsi
   )
@@ -427,6 +438,7 @@ function initialize(webRouter, privateApiRouter, publicApiRouter) {
       req.params = params
       next()
     },
+    rateLimiterMiddlewareOutputFiles,
     AuthorizationMiddleware.ensureUserCanReadProject,
     CompileController.getFileFromClsi
   )