https://github.com/coderofsalvation/dpd-ratelimit

ratelimit incoming requests based on ip or user
https://github.com/coderofsalvation/dpd-ratelimit

Last synced: 12 days ago
JSON representation

ratelimit incoming requests based on ip or user

• Host: GitHub
• URL: https://github.com/coderofsalvation/dpd-ratelimit
• Owner: coderofsalvation
• Created: 2016-11-19T19:35:57.000Z (almost 8 years ago)
• Default Branch: master
• Last Pushed: 2020-05-28T18:49:07.000Z (over 4 years ago)
• Last Synced: 2024-10-22T12:20:28.812Z (22 days ago)
• Language: JavaScript
• Size: 36.1 KB
• Stars: 1
• Watchers: 2
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • Funding: .github/FUNDING.yml

Awesome Lists containing this project

README

        
ratelimit incoming requests based on ip or user

![Build Status](https://travis-ci.org/coderofsalvation/dpd-ratelimit.svg?branch=master)



## Usage 

		$ npm install dpd-ratelimit dpd-event

Now in the dashboard add an event-resource called `/ratelimit` 



and add this config (`resources/ratelimit/config.json`):

    {

      "ip":true,

      "rate": 0.1,

      "burst": 1,

      "overrides": {

        "192.345.345.1": {

          "rate": 0,

          "burst": 0

        }

      }

    }

> Voila! You have automatic ratelimiting based on ip

In case you have a frontend (`/public`), specify an `urls`-section as described below.

see [here](https://github.com/defunctzombie/ratelimit-middleware) for all ratelimiting options

## Userbased ratelimiting

Use a config like this, to allow certain usernames to override the default settings (0=unlimited):

    {

      "username":true,

      "rate": 0.1,

      "burst": 1,

      "overrides": {

        "john": {

          "rate": 0,

          "burst": 0

        }

      }

    }

## Ratelimiting specific url regexes 

By defaults ratelimiting is applied to *everything* .

You'll probably agree that a frontend (`/public`) is not suitable for rateliming.

In those cases you want to add `urls` to your config, to specify which urls should be ratelimited:

    {

      "username":true,

      "urls": [ "^/foo($|/)" ], 

      "rate": 0.1,

      "burst": 1,

      "overrides": {

        "john": {

          "rate": 0,

          "burst": 0

        }

      }

    }

`urls` reverses ratelimiting behaviour: it ratelimits only those resources which match the regexes. In this case:

* `/foo`

* `/foo/`

* `/foo/123`

## Why 

* api-clients killing my database/cpu with requests? aint got no time for that!