From 6f72cd77f881e8414aaef4746d3b4761f453c253 Mon Sep 17 00:00:00 2001 From: Salman Qureshi Date: Thu, 1 May 2025 16:27:19 +0530 Subject: [PATCH] feat(rate-limiting): trust CF-Connecting-IP behind Cloudflare and increase limit to 120 req/min/IP --- index.js | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/index.js b/index.js index 296042d..4c6d122 100644 --- a/index.js +++ b/index.js @@ -3,19 +3,23 @@ const rateLimit = require('express-rate-limit'); const fs = require('fs'); const app = express(); +app.set('trust proxy', true); const PORT = process.env.PORT || 3000; // Load reasons from JSON const reasons = JSON.parse(fs.readFileSync('./reasons.json', 'utf-8')); -// Rate limiter: 10 requests per minute per IP -// const limiter = rateLimit({ -// windowMs: 60 * 1000, // 1 minute -// max: 10, -// message: { error: "Too many requests, please try again later." } -// }); +// Rate limiter: 120 requests per minute per IP +const limiter = rateLimit({ + windowMs: 60 * 1000, // 1 minute + max: 120, + keyGenerator: (req, res) => { + return req.headers['cf-connecting-ip'] || req.ip; // Fallback if header missing (or for non-CF) + }, + message: { error: "Too many requests, please try again later. (120 reqs/min/IP)" } +}); -// app.use(limiter); +app.use(limiter); // Random rejection reason endpoint app.get('/no', (req, res) => {