How to implement rate limiting in nodejs

nodejs| Updated on April 20, 2024

In this tutorial, we will implement rate limiting in order to prevent the same IP from making too many requests to our API and that will then help us prevent attacks, like denial of services or brute force attacks.

So, here we will implememnt rate limiter as global middlware, so basically the rate limiter will count the number of

requests comming from one IP and then,when thre are too many requets, block these requetsts.

npm install express-rate-limit

const rateLimit = require('express-rate-limit')

// Middleware

const limiter = rateLimit({
  windowMs: 15 * 60 * 1000, // 15 minutes
  max: 100, // Limit each IP to 100 requests per `window` (here, per 15 minutes)
  standardHeaders: true, // Return rate limit info in the `RateLimit-*` headers
  legacyHeaders: false, // Disable the `X-RateLimit-*` headers
  message: "Too many requests from this IP, please try again after in an hour",
});

// Apply the rate limiting middleware to all requests
app.use("/api", limiter);

Too many requests from this IP, please try again after in an hour

Subscribe to our Newsletter

Stay up to date! Get all the latest posts delivered straight to your inbox.

If You Appreciate What We Do Here On TutsCoder, You Should Consider:

If you like what you are reading, please consider buying us a coffee ( or 2 ) as a token of appreciation.

We are thankful for your never ending support.

Subscribe to our Newsletter

If You Appreciate What We Do Here On TutsCoder, You Should Consider:

You might also like

Leave a Comment