npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@imqueue/http-protect

v1.1.0

Published

HTTP DDoS Protection Middleware

Downloads

214

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

serhiy.greenchserhiy.greenchmikhusmikhus

Keywords

httpddosdosprotectiontrafficlimit

Readme

@imqueue/http-protect

Implements simple HTTP traffic protection middleware for node-based express-like web-servers to detect and block abnormal activity on a server from a detected IP sources.

Simple configuration allows to set desired limit on number of requests per given time period and define the blacklist threshold for the users which are by exceeding the limit continue to send requests to the server.

The service protected by this module may be configured on a code level or by setting environment variables.

Requirements

  • redis server

Installation

npm i @imqueue/http-protect

Usage

import HttpProtect from '@imqueue/http-protect';

app.use(new HttpProtect().jsonMiddleware());

Or it is possible to do manual injection:

import HttpProtect, { VerificationStatus } from '@imqueue/http-protect';
import { getClientIp } from 'request-ip';

// inside some async function in the code
const protect = new HttpProtect();
const { status, httpCode } = await protect.verify(getClientIp(req));

switch (status) {
    case VerificationStatus.LIMITED: {
        // user us reached request limit, but not blacklisted yet.
        // warn about abnormal usage
        break;
    }
    case VerificationStatus.BANNED: {
        // bad traffic source, requests must be banned
        break;
    }
    default: {
        // good request, safe to go
        break;
    }
}

This module aldo provides simple API to check if given IP is blacklisted or not, or get the list of banned network addresses:

import HttpProtect from '@imqueue/http-protect';

const protect = new HttpProtect();

// get the list of banned networks
console.log(protect.bannedNetworks().toJSON());

// check if given IP is currently banned or not
console.log(protect.isBanned('127.0.0.1'));

// check if given IP is currently limited or not
console.log(protect.isLimited('127.0.0.1'));

This module uses redis server to deal with requests counters and banned networks. It also based on ioredis module to connect to redis server, so you might want to configure it via constructor options or bypass existing ioredis instance in the options. Please, refer HttpProtectOptions interface for more details.

License

ISC

Happy Coding!