feat(rate-limiting): trust CF-Connecting-IP behind Cloudflare and increase limit to 120 req/min/IP

This commit is contained in:
Salman Qureshi
2025-05-01 16:27:19 +05:30
committed by GitHub
parent 08759b2f3f
commit 6f72cd77f8
+11 -7
View File
@@ -3,19 +3,23 @@ const rateLimit = require('express-rate-limit');
const fs = require('fs');
const app = express();
app.set('trust proxy', true);
const PORT = process.env.PORT || 3000;
// Load reasons from JSON
const reasons = JSON.parse(fs.readFileSync('./reasons.json', 'utf-8'));
// Rate limiter: 10 requests per minute per IP
// const limiter = rateLimit({
// windowMs: 60 * 1000, // 1 minute
// max: 10,
// message: { error: "Too many requests, please try again later." }
// });
// Rate limiter: 120 requests per minute per IP
const limiter = rateLimit({
windowMs: 60 * 1000, // 1 minute
max: 120,
keyGenerator: (req, res) => {
return req.headers['cf-connecting-ip'] || req.ip; // Fallback if header missing (or for non-CF)
},
message: { error: "Too many requests, please try again later. (120 reqs/min/IP)" }
});
// app.use(limiter);
app.use(limiter);
// Random rejection reason endpoint
app.get('/no', (req, res) => {