search

tunnckoCore / koa-better-ratelimit

:rocket: Smart and easy request rate limiter for your APIs built on `koa`, using `koa-ip-filter`. Support custom stores, custom ID, custom error messages and custom headers.
http://j.mp/1stW47C
MIT License
38 stars 6 forks source link

If I understood correctly... #3

Closed thelinuxlich closed 10 years ago

thelinuxlich commented 10 years ago

This middleware helps to mitigate DoS attacks, so if I want to limit any user to 5 requests per minute, I'd write it like this:

app.use(limit({
  duration: 1000 * 60 * 1,
  max: 5
}));

Right?

thelinuxlich commented 10 years ago

Another question, what if there are many people using the app behind an intranet?

tunnckoCore commented 10 years ago

@thelinuxlich , sorry for the late answer. For first question: yes, you're right. This middleware works on per ip basis, so every different IP will be limited for this time.