1.0.7 • Published 7 years ago

dpd-ratelimit v1.0.7

Weekly downloads
1
License
ISC
Repository
github
Last release
7 years ago

ratelimit incoming requests based on ip or user

Build Status

Usage

	$ npm install dpd-ratelimit dpd-event

Now in the dashboard add an event-resource called /ratelimit

and add this config (resources/ratelimit/config.json):

{
  "ip":true,
  "rate": 0.1,
  "burst": 1,
  "overrides": {
    "192.345.345.1": {
      "rate": 0,
      "burst": 0
    }
  }
}

Voila! You have automatic ratelimiting based on ip

In case you have a frontend (/public), specify an urls-section as described below.

see here for all ratelimiting options

Userbased ratelimiting

Use a config like this, to allow certain usernames to override the default settings (0=unlimited):

{
  "username":true,
  "rate": 0.1,
  "burst": 1,
  "overrides": {
    "john": {
      "rate": 0,
      "burst": 0
    }
  }
}

Ratelimiting specific url regexes

By defaults ratelimiting is applied to everything . You'll probably agree that a frontend (/public) is not suitable for rateliming. In those cases you want to add urls to your config, to specify which urls should be ratelimited:

{
  "username":true,
  "urls": [ "^/foo($|/)" ], 
  "rate": 0.1,
  "burst": 1,
  "overrides": {
    "john": {
      "rate": 0,
      "burst": 0
    }
  }
}

urls reverses ratelimiting behaviour: it ratelimits only those resources which match the regexes. In this case:

  • /foo
  • /foo/
  • /foo/123

Why

  • api-clients killing my database/cpu with requests? aint got no time for that!
ratelimitdeploydthrottlerequestsapi
monkeypatchratelimit-middleware
@everything-registry/sub-chunk-1512
1.0.7

7 years ago

1.0.6

7 years ago

1.0.5

7 years ago

1.0.4

7 years ago

1.0.3

7 years ago

1.0.2

7 years ago

1.0.1

7 years ago

1.0.0

7 years ago