diff --git a/Gemfile b/Gemfile
index aa4841bd9..dd418d067 100644
--- a/Gemfile
+++ b/Gemfile
@@ -51,6 +51,7 @@ gem "paper_trail"
 gem "paper_trail-globalid"
 # Receive exceptions and configure alerts
 gem "rack-attack"
+gem "redis"
 gem "sentry-rails"
 gem "sentry-ruby"
diff --git a/Gemfile.lock b/Gemfile.lock
index e90d7a5cf..d18609041 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -334,6 +334,7 @@ GEM
 rb-fsevent (0.11.1)
 rb-inotify (0.10.1)
 ffi (~> 1.0)
+ redis (4.6.0)
 regexp_parser (2.2.1)
 request_store (1.5.1)
 rack (>= 1.4)
@@ -495,6 +496,7 @@ DEPENDENCIES
 rack-attack
 rack-mini-profiler (~> 2.0)
 rails (~> 7.0.1)
+ redis
 roo
 rspec-rails
 rubocop-govuk
diff --git a/config/initializers/rack_attack.rb b/config/initializers/rack_attack.rb
index 253ed69c7..a9bc15f45 100644
--- a/config/initializers/rack_attack.rb
+++ b/config/initializers/rack_attack.rb
@@ -1,5 +1,10 @@
-Rack::Attack.cache.store = ActiveSupport::Cache::MemoryStore.new
-Rack::Attack.enabled = false
+if Rails.env.development? || Rails.env.test?
+ Rack::Attack.cache.store = ActiveSupport::Cache::MemoryStore.new
+ Rack::Attack.enabled = false
+else
+ redis_url = PaasConfigurationService.new.redis_uris[:"dluhc-core-#{Redis.env}-redis-rate-limit"]
+ Rack::Attack.cache.store = ActiveSupport::Cache::RedisCacheStore.new(url: redis_url)
+end
 Rack::Attack.throttle("password reset requests", limit: 5, period: 60.seconds) do |request|
 if request.params["user"].present? && request.path == "/users/password" && request.post?
diff --git a/spec/services/paas_configuration_service_spec.rb b/spec/services/paas_configuration_service_spec.rb
index 45db1533a..3338ad5ec 100644
--- a/spec/services/paas_configuration_service_spec.rb
+++ b/spec/services/paas_configuration_service_spec.rb
@@ -136,5 +136,4 @@ RSpec.describe PaasConfigurationService do
 expect(config_service.redis_uris).to be_empty
 end
 end
-
 end
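Review bot: In config/initializers/rack_attack.rb the else branch builds the service key with `Redis.env`, which looks like a typo for `Rails.env`; as far as I know the redis gem's `Redis` class has no `env` method, so this would raise at boot in every environment other than development and test. The lookup also uses `redis_uris[...]`, and the spec touched in this commit shows `redis_uris` can be empty, so a missing binding yields a nil URL and the password-reset throttle would likely stop counting without any visible error. Failing fast at boot is safer for a rate limiter: `redis_url = PaasConfigurationService.new.redis_uris.fetch(:"dluhc-core-#{Rails.env}-redis-rate-limit")`. The throttle block that follows continues outside the hunk.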