diff --git a/docs/admin/optionals.rst b/docs/admin/optionals.rst
index 75411e67aa8e..b7c73a8b3f93 100644
--- a/docs/admin/optionals.rst
+++ b/docs/admin/optionals.rst
@@ -273,7 +273,7 @@ Rate limiting
 
 .. versionchanged:: 4.6
 
-      The rate limiting no longer applies to superusers.
+      The rate limiting no longer applies to signed in superusers.
 
 Several operations in Weblate are rate limited. At most
 :setting:`RATELIMIT_ATTEMPTS` attempts are allowed within :setting:`RATELIMIT_WINDOW` seconds.
@@ -302,6 +302,8 @@ The following operations are subject to rate limiting:
 | Creating new project              | ``PROJECT``        | 5                | 600              | 600            |
 +-----------------------------------+--------------------+------------------+------------------+----------------+
 
+The rate limiting is based on sessions when user is signed in and on IP address if not.
+
 If a user fails to sign in :setting:`AUTH_LOCK_ATTEMPTS` times, password authentication will be turned off on the account until having gone through the process of having its password reset.
 
 The settings can be also applied in the Docker container by adding ``WEBLATE_`` prefix to the setting name, for example :setting:`RATELIMIT_ATTEMPTS` becomes :envvar:`WEBLATE_RATELIMIT_ATTEMPTS`.