Closed Baggette closed 1 year ago
Any rate limiting you need should be configured through your nginx or other reverse proxy config.
Since we use express, you can use Express-rate-limit as an app.
import rateLimit from 'express-rate-limit'
// ...
const limiter = rateLimit({
windowMs: 15 * 60 * 1000, // 15 minutes
max: 100, // Limit each IP to 100 requests per `window` (here, per 15 minutes)
standardHeaders: true, // Return rate limit info in the `RateLimit-*` headers
legacyHeaders: false, // Disable the `X-RateLimit-*` headers
})
// Apply the rate limiting middleware to all requests
app.use(limiter)
hmmmm thanks for the responses, I didn't realize that apache supported rate limiting. Ill probably figure something out. Thanks
It would be very nice if it had built in rate limiting as when I host it I get ddosed more specifically post request spam to /api/bare/v2, I was wondering if a feature could be implemented serverside to enable/disable a rate limit and maybe have something like how strict the rate limit is. (Yes I use cloudlfare, its not helping much the only thing that helped was removing my proxy's subdomain)
edit: spelling