diff --git a/sapl/settings.py b/sapl/settings.py
index 58e8bd208..adb77dd31 100644
--- a/sapl/settings.py
+++ b/sapl/settings.py
@@ -439,15 +439,15 @@ RATE_LIMIT_BYPASS_PATHS = [
 # API quota — daily and weekly call caps for all /api/ callers (anon and auth).
 # All callers are keyed by IP — auth status is not checked.
 # Weekly default is 7× the daily cap.
-API_QUOTA_DAILY = config('API_QUOTA_DAILY', default=1000, cast=int)
-API_QUOTA_WEEKLY = config('API_QUOTA_WEEKLY', default=7000, cast=int)
+API_QUOTA_DAILY = config('API_QUOTA_DAILY', default=100000, cast=int)
+API_QUOTA_WEEKLY = config('API_QUOTA_WEEKLY', default=700000, cast=int)
 
 # API-specific per-minute rate limit for external (non-same-origin) anonymous calls.
 # Abuse writes rl:api:ip::blocked only — never rl:ip::blocked.
 API_RATE_LIMIT_ENABLED = config('API_RATE_LIMIT_ENABLED', default=True, cast=bool)
-API_RATE_LIMIT_THRESHOLD = config('API_RATE_LIMIT_THRESHOLD', default=35, cast=int)
+API_RATE_LIMIT_THRESHOLD = config('API_RATE_LIMIT_THRESHOLD', default=120, cast=int)
 API_RATE_LIMIT_WINDOW_SECONDS = config('API_RATE_LIMIT_WINDOW_SECONDS', default=60, cast=int)
-API_RATE_LIMIT_BLOCK_SECONDS = config('API_RATE_LIMIT_BLOCK_SECONDS', default=300, cast=int)
+API_RATE_LIMIT_BLOCK_SECONDS = config('API_RATE_LIMIT_BLOCK_SECONDS', default=60, cast=int)
 API_RATE_LIMIT_SAME_ORIGIN_BYPASS = config('API_RATE_LIMIT_SAME_ORIGIN_BYPASS', default=True, cast=bool)
 
 # Media file serving — serve_media (sapl/base/media.py) via X-Accel-Redirect.
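Review bot: The new defaults on the `API_QUOTA_DAILY`, `API_QUOTA_WEEKLY`, `API_RATE_LIMIT_THRESHOLD` and `API_RATE_LIMIT_BLOCK_SECONDS` lines relax every API abuse control at once, and a deployment that leaves these variables unset picks the looser values up silently on upgrade, with no comment recording why. Assuming the block is enforced the way its name suggests, a 60-second block equal to the 60-second window means a client that trips the threshold is back at full rate after one window; if that is intended, state it next to the setting, for example `# Block lasts one window: this throttles abusive clients, it does not ban them.` The existing comment "Weekly default is 7× the daily cap" holds only while both variables are unset; deriving it with `API_QUOTA_WEEKLY = config('API_QUOTA_WEEKLY', default=7 * API_QUOTA_DAILY, cast=int)` keeps the caps in step when an operator overrides only the daily value. The settings module continues outside this hunk on both sides, so validation of these values elsewhere cannot be ruled out from here.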