How to Slow Down or Limit API Requests in Express.js
In this article, I’m going to share how to slow down or limit rate of API requests in Express.js. Let’s get started:
Table of Contents
Install Package
We’ll use express-slow-down package in our application. let’s install this package:
npm install express-slow-downLimit All Routes
In this example, we’re going to slow down all API routes requests:
app.s
const slowDown = require("express-slow-down");
const app = express();
app.enable("trust proxy"); // only if you're behind a reverse proxy (Heroku, Bluemix, AWS if you use an ELB, custom Nginx setup, etc)
const speedLimiter = slowDown({
windowMs: 20 * 60 * 1000, // 20 minutes
delayAfter: 70, // allow 70 requests per 20 minutes, then...
delayMs: 500 // begin adding 500ms of delay per request above 100:
// request # 71 is delayed by 500ms
// request # 72 is delayed by 1000ms
// request # 73 is delayed by 1500ms
// etc.
});
// apply to all requests
app.use(speedLimiter);
app.get("/test", (req, res) => {
// logic
});
app.listen(3000, () => console.log(`App is running`));Limit Certain Route
We can limit a single route like this:
app.s
const rateLimit = require("express-rate-limit");
const testLimiter = rateLimit({
windowMs: 20 * 60 * 1000, // 20 minutes
delayAfter: 70, // 70 requests
delayMs: 500 // adding 500ms delay
});
app.post('/test', testLimiter, (req, res) => {
// logic
});
app.listen(3000, () => console.log(`App is running`));That’s all. . Thank you.
Md Obydullah
Software Engineer | Ethical Hacker & Cybersecurity...
Md Obydullah is a software engineer and full stack developer specialist at Laravel, Django, Vue.js, Node.js, Android, Linux Server, and Ethichal Hacking.