On Thursday, July 3, 2014 10:54:37 AM UTC-4, Alisson Cavalcante Agiani wrote: > > So that a malicious user gets blocked for some time(maybe with HTTP 429) > when it hits a request limit in a predefined duration >
If you're using Express, there are rate limiting middleware[1][2] and modules[3][4] for non-Express users as well. Or you could block them at the firewall level with iptables[5][6]. [1] https://github.com/AdamPflug/express-brute [2] https://github.com/dharmafly/connect-ratelimit [3] https://github.com/xat/limits.js [4] https://github.com/brycebaril/node-tokenthrottle [5] https://github.com/pkrumins/node-iptables [6] https://github.com/securitykiss-com/rfw -- Job board: http://jobs.nodejs.org/ New group rules: https://gist.github.com/othiym23/9886289#file-moderation-policy-md Old group rules: https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines --- You received this message because you are subscribed to the Google Groups "nodejs" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/nodejs/ab104f58-7880-4f26-ac26-e1579e6a474a%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
