UNPKG

@imqueue/http-protect

Version:

HTTP DDoS Protection Middleware

github.com/imqueue/http-protect

imqueue/http-protect

89 lines (64 loc) 2.38 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
# @imqueue/http-protect Implements simple HTTP traffic protection middleware for node-based express-like web-servers to detect and block abnormal activity on a server from a detected IP sources. Simple configuration allows to set desired limit on number of requests per given time period and define the blacklist threshold for the users which are by exceeding the limit continue to send requests to the server. The service protected by this module may be configured on a code level or by setting environment variables. ## Requirements - redis server ## Installation ```bash npm i @imqueue/http-protect ``` ## Usage ```typescript import HttpProtect from '@imqueue/http-protect'; app.use(new HttpProtect().jsonMiddleware()); ``` Or it is possible to do manual injection: ```typescript import HttpProtect, { VerificationStatus } from '@imqueue/http-protect'; import { getClientIp } from 'request-ip'; // inside some async function in the code const protect = new HttpProtect(); const { status, httpCode } = await protect.verify(getClientIp(req)); switch (status) { case VerificationStatus.LIMITED: { // user us reached request limit, but not blacklisted yet. // warn about abnormal usage break; } case VerificationStatus.BANNED: { // bad traffic source, requests must be banned break; } default: { // good request, safe to go break; } } ``` This module aldo provides simple API to check if given IP is blacklisted or not, or get the list of banned network addresses: ```typescript import HttpProtect from '@imqueue/http-protect'; const protect = new HttpProtect(); // get the list of banned networks console.log(protect.bannedNetworks().toJSON()); // check if given IP is currently banned or not console.log(protect.isBanned('127.0.0.1')); // check if given IP is currently limited or not console.log(protect.isLimited('127.0.0.1')); ``` This module uses redis server to deal with requests counters and banned networks. It also based on ioredis module to connect to redis server, so you might want to configure it via constructor options or bypass existing ioredis instance in the options. Please, refer `HttpProtectOptions` interface for more details. ## License This project is licensed under the GNU General Public License v3.0. See the [LICENSE](LICENSE) Happy Coding!