diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml
index 4897fae04..cae97817d 100644
--- a/.rubocop_todo.yml
+++ b/.rubocop_todo.yml
@@ -1,6 +1,6 @@
 # This configuration was generated by
 # `rubocop --auto-gen-config --auto-gen-only-exclude --no-offense-counts --no-auto-gen-timestamp`
-# using RuboCop version 1.76.0.
+# using RuboCop version 1.76.1.
 # The point is for the user to remove these configuration records
 # one by one as the offenses are removed from the code base.
 # Note that changes in the inspected code, or installation of new
@@ -31,7 +31,6 @@ Metrics/PerceivedComplexity:
 # Configuration parameters: AllowedVars.
 Style/FetchEnvVar:
   Exclude:
-    - 'config/initializers/2_limited_federation_mode.rb'
     - 'config/initializers/paperclip.rb'
 
 # This cop supports safe autocorrection (--autocorrect).
diff --git a/app/controllers/api/base_controller.rb b/app/controllers/api/base_controller.rb
index 86907538d..68c4f3962 100644
--- a/app/controllers/api/base_controller.rb
+++ b/app/controllers/api/base_controller.rb
@@ -92,7 +92,7 @@ class Api::BaseController < ApplicationController
   end
 
   def disallow_unauthenticated_api_access?
-    ENV['DISALLOW_UNAUTHENTICATED_API_ACCESS'] == 'true' || Rails.configuration.x.limited_federation_mode
+    ENV['DISALLOW_UNAUTHENTICATED_API_ACCESS'] == 'true' || Rails.configuration.x.mastodon.limited_federation_mode
   end
 
   private
diff --git a/app/helpers/authorized_fetch_helper.rb b/app/helpers/authorized_fetch_helper.rb
index cc1b8d02c..edcbf23c4 100644
--- a/app/helpers/authorized_fetch_helper.rb
+++ b/app/helpers/authorized_fetch_helper.rb
@@ -2,10 +2,10 @@
 
 module AuthorizedFetchHelper
   def authorized_fetch_mode?
-    ENV.fetch('AUTHORIZED_FETCH') { Setting.authorized_fetch && 'true' } == 'true' || Rails.configuration.x.limited_federation_mode
+    ENV.fetch('AUTHORIZED_FETCH') { Setting.authorized_fetch && 'true' } == 'true' || Rails.configuration.x.mastodon.limited_federation_mode
   end
 
   def authorized_fetch_overridden?
-    ENV.key?('AUTHORIZED_FETCH') || Rails.configuration.x.limited_federation_mode
+    ENV.key?('AUTHORIZED_FETCH') || Rails.configuration.x.mastodon.limited_federation_mode
   end
 end
diff --git a/app/helpers/domain_control_helper.rb b/app/helpers/domain_control_helper.rb
index 2703c1b8f..32b40a802 100644
--- a/app/helpers/domain_control_helper.rb
+++ b/app/helpers/domain_control_helper.rb
@@ -18,6 +18,6 @@ module DomainControlHelper
   end
 
   def limited_federation_mode?
-    Rails.configuration.x.limited_federation_mode
+    Rails.configuration.x.mastodon.limited_federation_mode
   end
 end
diff --git a/app/serializers/initial_state_serializer.rb b/app/serializers/initial_state_serializer.rb
index 0ad06d22c..d47bb3cdb 100644
--- a/app/serializers/initial_state_serializer.rb
+++ b/app/serializers/initial_state_serializer.rb
@@ -93,7 +93,7 @@ class InitialStateSerializer < ActiveModel::Serializer
       activity_api_enabled: Setting.activity_api_enabled,
       admin: object.admin&.id&.to_s,
       domain: Addressable::IDNA.to_unicode(instance_presenter.domain),
-      limited_federation_mode: Rails.configuration.x.limited_federation_mode,
+      limited_federation_mode: Rails.configuration.x.mastodon.limited_federation_mode,
       locale: I18n.locale,
       mascot: instance_presenter.mascot&.file&.url,
       profile_directory: Setting.profile_directory,
diff --git a/app/serializers/rest/instance_serializer.rb b/app/serializers/rest/instance_serializer.rb
index 910e74b91..db6e61981 100644
--- a/app/serializers/rest/instance_serializer.rb
+++ b/app/serializers/rest/instance_serializer.rb
@@ -130,7 +130,7 @@ class REST::InstanceSerializer < ActiveModel::Serializer
   end
 
   def limited_federation?
-    Rails.configuration.x.limited_federation_mode
+    Rails.configuration.x.mastodon.limited_federation_mode
   end
 
   def markdown
diff --git a/app/serializers/webfinger_serializer.rb b/app/serializers/webfinger_serializer.rb
index 1cb3175c0..4fa9c6631 100644
--- a/app/serializers/webfinger_serializer.rb
+++ b/app/serializers/webfinger_serializer.rb
@@ -33,7 +33,7 @@ class WebfingerSerializer < ActiveModel::Serializer
     media_present = object.avatar.present? && object.avatar.content_type.present?
 
     # Show avatar only if an instance shows profiles to logged out users
-    allowed_by_config = ENV['DISALLOW_UNAUTHENTICATED_API_ACCESS'] != 'true' && !Rails.configuration.x.limited_federation_mode
+    allowed_by_config = ENV['DISALLOW_UNAUTHENTICATED_API_ACCESS'] != 'true' && !Rails.configuration.x.mastodon.limited_federation_mode
 
     media_present && allowed_by_config
   end
diff --git a/config/initializers/2_limited_federation_mode.rb b/config/initializers/2_limited_federation_mode.rb
deleted file mode 100644
index d5f7652d5..000000000
--- a/config/initializers/2_limited_federation_mode.rb
+++ /dev/null
@@ -1,7 +0,0 @@
-# frozen_string_literal: true
-
-Rails.application.configure do
-  config.x.limited_federation_mode = (ENV['LIMITED_FEDERATION_MODE'] || ENV['WHITELIST_MODE']) == 'true'
-
-  warn 'WARN: The environment variable WHITELIST_MODE has been replaced with LIMITED_FEDERATION_MODE, you should rename this environment variable in your configuration.' if ENV.key?('WHITELIST_MODE')
-end
diff --git a/config/initializers/deprecations.rb b/config/initializers/deprecations.rb
index 55293abe8..15c701c9c 100644
--- a/config/initializers/deprecations.rb
+++ b/config/initializers/deprecations.rb
@@ -22,3 +22,10 @@ if ENV['MASTODON_USE_LIBVIPS'] == 'false'
     WARNING: Mastodon support for ImageMagick is deprecated and will be removed in future versions. Please consider using libvips instead.
   MESSAGE
 end
+
+if ENV.key?('WHITELIST_MODE')
+  warn(<<~MESSAGE.squish)
+    WARNING: The environment variable WHITELIST_MODE has been replaced with
+    LIMITED_FEDERATION_MODE. Please update your configuration.
+  MESSAGE
+end
diff --git a/config/mastodon.yml b/config/mastodon.yml
index e0f736eb5..31c2b2b78 100644
--- a/config/mastodon.yml
+++ b/config/mastodon.yml
@@ -1,6 +1,7 @@
 ---
 shared:
   experimental_features: <%= ENV.fetch('EXPERIMENTAL_FEATURES', nil) %>
+  limited_federation_mode: <%= (ENV.fetch('LIMITED_FEDERATION_MODE', nil) || ENV.fetch('WHITELIST_MODE', nil)) == 'true' %>
   self_destruct_value: <%= ENV.fetch('SELF_DESTRUCT', nil) %>
   software_update_url: <%= ENV.fetch('UPDATE_CHECK_URL', 'https://api.joinmastodon.org/update-check') %>
   source:
diff --git a/spec/requests/cache_spec.rb b/spec/requests/cache_spec.rb
index 8ca281726..19406c284 100644
--- a/spec/requests/cache_spec.rb
+++ b/spec/requests/cache_spec.rb
@@ -472,12 +472,12 @@ RSpec.describe 'Caching behavior' do
   context 'when enabling LIMITED_FEDERATION_MODE mode' do
     around do |example|
       ClimateControl.modify LIMITED_FEDERATION_MODE: 'true' do
-        old_limited_federation_mode = Rails.configuration.x.limited_federation_mode
-        Rails.configuration.x.limited_federation_mode = true
+        old_limited_federation_mode = Rails.configuration.x.mastodon.limited_federation_mode
+        Rails.configuration.x.mastodon.limited_federation_mode = true
 
         example.run
 
-        Rails.configuration.x.limited_federation_mode = old_limited_federation_mode
+        Rails.configuration.x.mastodon.limited_federation_mode = old_limited_federation_mode
       end
     end
 
diff --git a/spec/requests/instance_actor_spec.rb b/spec/requests/instance_actor_spec.rb
index b4a9b2ce6..ce0bbe3b8 100644
--- a/spec/requests/instance_actor_spec.rb
+++ b/spec/requests/instance_actor_spec.rb
@@ -4,7 +4,7 @@ require 'rails_helper'
 
 RSpec.describe 'Instance actor endpoint' do
   describe 'GET /actor' do
-    let!(:original_federation_mode) { Rails.configuration.x.limited_federation_mode }
+    let!(:original_federation_mode) { Rails.configuration.x.mastodon.limited_federation_mode }
 
     shared_examples 'instance actor endpoint' do
       before { get instance_actor_path(format: :json) }
@@ -31,8 +31,8 @@ RSpec.describe 'Instance actor endpoint' do
     end
 
     context 'with limited federation mode disabled' do
-      before { Rails.configuration.x.limited_federation_mode = false }
-      after { Rails.configuration.x.limited_federation_mode = original_federation_mode }
+      before { Rails.configuration.x.mastodon.limited_federation_mode = false }
+      after { Rails.configuration.x.mastodon.limited_federation_mode = original_federation_mode }
 
       it_behaves_like 'instance actor endpoint'
 
@@ -44,8 +44,8 @@ RSpec.describe 'Instance actor endpoint' do
     end
 
     context 'with limited federation mode enabled' do
-      before { Rails.configuration.x.limited_federation_mode = true }
-      after { Rails.configuration.x.limited_federation_mode = original_federation_mode }
+      before { Rails.configuration.x.mastodon.limited_federation_mode = true }
+      after { Rails.configuration.x.mastodon.limited_federation_mode = original_federation_mode }
 
       it_behaves_like 'instance actor endpoint'
 
diff --git a/spec/requests/well_known/webfinger_spec.rb b/spec/requests/well_known/webfinger_spec.rb
index cfc391848..0c4a3c034 100644
--- a/spec/requests/well_known/webfinger_spec.rb
+++ b/spec/requests/well_known/webfinger_spec.rb
@@ -176,7 +176,7 @@ RSpec.describe 'The /.well-known/webfinger endpoint' do
 
     context 'with limited federation mode' do
       before do
-        allow(Rails.configuration.x).to receive(:limited_federation_mode).and_return(true)
+        allow(Rails.configuration.x.mastodon).to receive(:limited_federation_mode).and_return(true)
       end
 
       it 'does not return avatar in response' do
diff --git a/spec/services/unallow_domain_service_spec.rb b/spec/services/unallow_domain_service_spec.rb
index 4bf6c5404..6aaba9392 100644
--- a/spec/services/unallow_domain_service_spec.rb
+++ b/spec/services/unallow_domain_service_spec.rb
@@ -15,7 +15,7 @@ RSpec.describe UnallowDomainService do
 
   context 'with limited federation mode', :inline_jobs do
     before do
-      allow(Rails.configuration.x).to receive(:limited_federation_mode).and_return(true)
+      allow(Rails.configuration.x.mastodon).to receive(:limited_federation_mode).and_return(true)
     end
 
     describe '#call' do
@@ -34,7 +34,7 @@ RSpec.describe UnallowDomainService do
 
   context 'without limited federation mode' do
     before do
-      allow(Rails.configuration.x).to receive(:limited_federation_mode).and_return(false)
+      allow(Rails.configuration.x.mastodon).to receive(:limited_federation_mode).and_return(false)
     end
 
     describe '#call' do
diff --git a/spec/system/admin/domain_allows_spec.rb b/spec/system/admin/domain_allows_spec.rb
index bacbb53ea..b2e4b9576 100644
--- a/spec/system/admin/domain_allows_spec.rb
+++ b/spec/system/admin/domain_allows_spec.rb
@@ -13,12 +13,12 @@ RSpec.describe 'Admin::DomainAllows' do
   end
 
   around do |example|
-    original = Rails.configuration.x.limited_federation_mode
-    Rails.configuration.x.limited_federation_mode = true
+    original = Rails.configuration.x.mastodon.limited_federation_mode
+    Rails.configuration.x.mastodon.limited_federation_mode = true
 
     example.run
 
-    Rails.configuration.x.limited_federation_mode = original
+    Rails.configuration.x.mastodon.limited_federation_mode = original
   end
 
   describe 'Managing domain allows' do