Jignesh zala
1 min readSep 30, 2022

In this tutorial, we will implement rate limiting in order to prevent the same IP from making too many requests to our API and that will then help us prevent attacks, like denial of services or brute force attacks.

So, here we will implement a rate limiter as global middleware, so basically, the rate limiter will count the number of

requests coming from one IP and then, when there are too many requests, block these requests.

npm install express-rate-limitconst rateLimit = require('express-rate-limit')// Middleware

const limiter = rateLimit({
windowMs: 15 * 60 * 1000, // 15 minutes
max: 100, // Limit each IP to 100 requests per `window` (here, per 15 minutes)
standardHeaders: true, // Return rate limit info in the `RateLimit-*` headers
legacyHeaders: false, // Disable the `X-RateLimit-*` headers
message: "Too many requests from this IP, please try again after in an hour",
});

// Apply the rate limiting middleware to all requests
app.use("/api", limiter);
Too many requests from this IP, please try again after in an hour

Original Article: https://tutscoder.com/post/implement-rate-limiting-nodejs

Sign up to discover human stories that deepen your understanding of the world.

Free

Distraction-free reading. No ads.

Organize your knowledge with lists and highlights.

Tell your story. Find your audience.

Membership

Read member-only stories

Support writers you read most

Earn money for your writing

Listen to audio narrations

Read offline with the Medium app

Jignesh zala
Jignesh zala

Written by Jignesh zala

MEAN Stack Developer and founder of TutsCoder.com, sharing tech insights, tutorials, and resources on Angular, Node.js, JavaScript, and more for developers.

No responses yet

Write a response