express-custom-limiter
v1.0.0-a2
Published
Customisation Ratelimiting Module for ExpressJS
Downloads
5
Maintainers
Readme
Express Custom Limiter
Basic rate-limiting middleware for Express. Use to limit repeated requests to public APIs and/or endpoints such as password reset.
Plays nice with express-slow-down.
Note: this module does not share state with other processes/servers by default. If you need a more robust solution, I recommend using an external store:
Alternate Rate-limiters
This module was designed to only handle the basics and didn't even support external stores initially. These other options all are excellent pieces of software and may be more appropriate for some situations:
Install
$ npm install --save express-custom-limiter
Usage
For a "regular" web server (e.g. anything that uses express.static()
), where the rate-limiter should only apply to certain requests:
const ECL = require("express-custom-limiter");
// Enable if you're behind a reverse proxy (Heroku, Bluemix, AWS ELB, Nginx, etc)
// see https://expressjs.com/en/guide/behind-proxies.html
// app.set('trust proxy', 1);
const customLimiter = ECL({
windowMs: 60 * 1000, // 1 minute (can be set higher if needed - this is in miliseconds)
max: 5, // maximum request sent before ratelimited.
limiterPage: "index" // Optional of what page you want to render, if you wish to use pages from folders do /foldername/pagename
});
app.use("/api/", customLimiter);
Credits:
- Original Source Developer: nfriedly express-rate-limit
- Modified By Mr. Cerberus express-custom-limiter