feat(rate-limiting): trust CF-Connecting-IP behind Cloudflare and increase limit to 120 req/min/IP
This commit is contained in:
@@ -3,19 +3,23 @@ const rateLimit = require('express-rate-limit');
|
|||||||
const fs = require('fs');
|
const fs = require('fs');
|
||||||
|
|
||||||
const app = express();
|
const app = express();
|
||||||
|
app.set('trust proxy', true);
|
||||||
const PORT = process.env.PORT || 3000;
|
const PORT = process.env.PORT || 3000;
|
||||||
|
|
||||||
// Load reasons from JSON
|
// Load reasons from JSON
|
||||||
const reasons = JSON.parse(fs.readFileSync('./reasons.json', 'utf-8'));
|
const reasons = JSON.parse(fs.readFileSync('./reasons.json', 'utf-8'));
|
||||||
|
|
||||||
// Rate limiter: 10 requests per minute per IP
|
// Rate limiter: 120 requests per minute per IP
|
||||||
// const limiter = rateLimit({
|
const limiter = rateLimit({
|
||||||
// windowMs: 60 * 1000, // 1 minute
|
windowMs: 60 * 1000, // 1 minute
|
||||||
// max: 10,
|
max: 120,
|
||||||
// message: { error: "Too many requests, please try again later." }
|
keyGenerator: (req, res) => {
|
||||||
// });
|
return req.headers['cf-connecting-ip'] || req.ip; // Fallback if header missing (or for non-CF)
|
||||||
|
},
|
||||||
|
message: { error: "Too many requests, please try again later. (120 reqs/min/IP)" }
|
||||||
|
});
|
||||||
|
|
||||||
// app.use(limiter);
|
app.use(limiter);
|
||||||
|
|
||||||
// Random rejection reason endpoint
|
// Random rejection reason endpoint
|
||||||
app.get('/no', (req, res) => {
|
app.get('/no', (req, res) => {
|
||||||
|
|||||||
Reference in New Issue
Block a user