search

vircadia / vircadia-metaverse

Metaverse server for Vircadia
https://vircadia.com/
59 stars 58 forks source link

Rate limit incoming requests #51

Open Misterblue opened 4 years ago

Misterblue commented 4 years ago

There should be some rate limiting of incoming requests.

Current implementation creates/expires Sessions for IP:port. Could be basis for own implementation. If not doing own leaky-bucket implementation, consider removing Sessions completely. Possible library: https://www.npmjs.com/package/leaky-bucket

Explore available nodejs/expressjs rate limiting packages: https://www.npmjs.com/package/express-rate-limit https://www.npmjs.com/package/rate-limiter-flexible https://www.npmjs.com/package/express-brute https://www.npmjs.com/package/express-limiter