Securing Node.js Express App — Part 1 (Rate Limiting)

Rate-Limiting Node.js Express App Routes

Assumption:

npm install --save express-rate-limit

const express = require("express");
const rateLimit = require("express-rate-limit");

const app = express();

// Global limiter: applies to every route registered after it
const limiter = rateLimit({
  windowMs: 15 * 60 * 1000, // 15 minutes
  max: 100 // limit each IP to 100 requests per windowMs
});
app.use(limiter);

// Stricter limiter for GET requests to /api/
const getLimiterConfig = rateLimit({
  windowMs: 15 * 60 * 1000, // 15 minutes
  max: 10 // limit each IP to 10 requests per windowMs
});
app.get("/api/", getLimiterConfig);

// Separate limiter for POST requests to /api/
const postLimiterConfig = rateLimit({
  windowMs: 5 * 60 * 1000, // 5 minutes
  max: 25 // limit each IP to 25 requests per windowMs
});
app.post("/api/", postLimiterConfig);
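
How the three limiters above stack for a single client, as an added example that is not from the original article or from express-rate-limit itself: a simplified per-IP fixed-window counter using the page's windowMs and max values. The names makeLimiter, makeApp and replay, the /other path and the sample IPs are constructed for illustration, and per-key fixed windows are an assumption of this model.

```javascript
// Added example: simplified model of per-key fixed-window counting.
// Not express-rate-limit's code; all names here are hypothetical.
function makeLimiter({ windowMs, max }) {
  const hits = new Map(); // key -> { count, resetAt }
  return function check(key, now) {
    let entry = hits.get(key);
    if (!entry || now >= entry.resetAt) {
      entry = { count: 0, resetAt: now + windowMs }; // start a new window
      hits.set(key, entry);
    }
    entry.count += 1; // every request is counted, allowed or not
    return entry.count <= max;
  };
}

// Same windowMs/max values as the three limiters on this page.
function makeApp() {
  const globalLimiter = makeLimiter({ windowMs: 15 * 60 * 1000, max: 100 });
  const getLimiter = makeLimiter({ windowMs: 15 * 60 * 1000, max: 10 });
  const postLimiter = makeLimiter({ windowMs: 5 * 60 * 1000, max: 25 });

  // Returns the status a request would get: 429 once any limiter rejects it.
  return function handle(method, path, ip, now) {
    if (!globalLimiter(ip, now)) return 429; // app.use(limiter) runs first
    if (path === "/api/" && method === "GET" && !getLimiter(ip, now)) return 429;
    if (path === "/api/" && method === "POST" && !postLimiter(ip, now)) return 429;
    return 200;
  };
}

// Replays constructed traffic: one client sends n requests, 1 second apart.
function replay(handle, method, path, ip, n, startMs) {
  const counts = { 200: 0, 429: 0 };
  for (let i = 0; i < n; i++) {
    counts[handle(method, path, ip, startMs + i * 1000)] += 1;
  }
  return counts;
}

const demo = makeApp();
// GET /api/ is capped by the route limit of 10, well below the global 100.
console.log(replay(demo, "GET", "/api/", "203.0.113.7", 12, 0));
// POST /api/ has its own counter and window: 25 allowed, 5 rejected.
console.log(replay(demo, "POST", "/api/", "203.0.113.7", 30, 20000));
// A path without a route limiter only hits the global cap of 100.
console.log(replay(demo, "GET", "/other", "198.51.100.9", 105, 0));
```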
