feat(server): add express-rate-limit to protect against DDoS attacks
fix #471
FlorentinTh committed Jan 21, 2022
1 parent e99cf2a commit c6c6b65
Showing 3 changed files with 32 additions and 0 deletions.
18 changes: 18 additions & 0 deletions package-lock.json

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 1 addition & 0 deletions package.json
Expand Up @@ -49,6 +49,7 @@
"dockerode": "^3.3.1",
"dotenv": "^14.2.0",
"express": "^4.17.2",
"express-rate-limit": "^6.1.0",
"express-validator": "^6.14.0",
"file-type": "16.5.3",
"fs-extra": "^10.0.0",
13 changes: 13 additions & 0 deletions src/server.js
Expand Up @@ -11,6 +11,7 @@ import compression from 'compression';
import cors from 'cors';
import httpStatus from 'http-status';
import helmet from 'helmet';
import rateLimit from 'express-rate-limit';
import passport from 'passport';
import swaggerUI from 'swagger-ui-express';

Expand Down Expand Up @@ -59,6 +60,18 @@ app.use(express.urlencoded({ extended: true }));
app.use(cookieParser());
app.use(compression());
app.use(helmet());

app.disable('x-powered-by');

const limiter = rateLimit({
windowMs: 15 * 60 * 1000,
max: 100,
standardHeaders: true,
legacyHeaders: false
});

app.use(limiter);

app.use(cors());
app.use(passport.initialize());
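Review bot: `app.use(limiter);` is registered after `express.urlencoded`, `cookieParser()` and `compression()`, so a client that is already over the limit still has its request body parsed before the 429 is sent; moving that one line above the body parsers lets the throttle reject the request before that work is done. The limiter also keys on `req.ip` by default, and nothing in this hunk shows `app.set('trust proxy', …)`: if the server sits behind a reverse proxy or load balancer, every client would share the proxy's address and one 100-requests-per-15-minutes bucket, so that setting should be confirmed elsewhere in the file. Because it runs before `app.use(cors());`, a 429 will carry no CORS headers, and browser clients on another origin will see an opaque network error instead of the status and the `RateLimit-*` headers. The default store is in process memory and counts per address, so this bounds a single noisy client rather than a distributed flood; a separate, tighter limiter on the authentication routes would be a useful follow-up. The middleware chain continues outside the hunk on both sides.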
