connect-qos

Connect middleware that helps maintain a high quality of service during heavy traffic

## 5.5.1

- **Fix** Rely exclusively on `socket.destroySoon` for consistency across H1/H2
- **Fix** Fixed several tests

## 5.5.0

- **Feature** Add support for `errorResponseDelay` option

## 5.4.0

- **Feature** Add support for closing http/2 connections

## 5.3.0

- **Feature** Add support for adjusting IP throttle rate based on host ratio

## 5.2.0

- **Feature** Add support for throttling based on host ratio

## 5.1.0

- **Breaking** Options remain identical, but rate limiting is now based on `maxAge` as the window of time, so if you have a rate limit of `10` RPS using the default `maxAge` of 10s, 100 requests will come in before anything is blocked

## 5.0.0

This release is about simplifying options, improved performance, and predictable results (less "magic").

- **Breaking** The `maxHostRate` option works similarly to before, but now requires `minHostRate` to be set as well so that rate limiting is based on the lag ratio between `minLag` and `maxLag`. Additionally, host rate limiting is enabled by default
- **Breaking** The `maxIpRate` option works similarly to before, but now requires `minIpRate` to be set as well so that rate limiting is based on the lag ratio between `minLag` and `maxLag`. IP rate limiting remains disabled by default
- **Breaking** `behindProxy` has been replaced with `httpBehindProxy` and `httpsBehindProxy` to account for possible differences between bindings
- **Breaking** `exemptLocalAddress` has been removed in favor of existing whitelisting. This "feature" was highly flawed and could potentially flag any internal NAT addresses as exempt when the intention is really only to exempt the immediate host
- **Breaking** All `Threshold` options have been removed; blocking has shifted entirely to rate limiting via `minHostRate` and `minIpRate`. Additionally, minimum request options have been removed, but rate limiting now must meet `minHostRate` or `minIpRate`

## 4.1.1

- **Debug** Expose `id` property on cache items and export utils

## 4.1.0

- **Feature** Normalize hosts to drop ports and `www` subdomain

## 4.0.1

- **Tuning** Default `maxAge` has been dropped from 60 to 10 seconds, which greatly increases the accuracy of throttling
- **Fix** Lag ratios and thresholds were being computed incorrectly, resulting in far fewer blocks than expected while lag/load is present

## 4.0.0

- **Feature** A subtle but major change: hosts & IPs are no longer tracked if they are bad. This allows for accurate rate limiting and auto-recovery when overwhelmed. This change will also greatly reduce the memory footprint required during times of high load
- **Critical Fix** If host or IP monitoring was disabled (via `minHostRequests=0` or `minIpRequests=0`), the middleware would cease to block any traffic, as it would behave as whitelisted
- **Critical Fix** LRU eviction was resulting in incorrect counts and thus skewing how ratios are calculated
- **Tuning** Stale purging is now based on time instead of request counts to provide more stable memory management. Additionally, the `maxAge` default has been reduced from 2 to 1 minutes to avoid needless memory waste

## 3.3.0

- **Feature** Support for rate limiting when no lag is present via `maxHostRate` and/or `maxIpRate` options
- **Tuning** `minHostRequests` default dropped from `50` to `30` for faster reaction time, `maxAge` dropped from 10 minutes to 2 minutes to avoid wasted memory, and `historySize` dropped from `500` to `300` to avoid wasted memory

## 3.2.0

- **Feature** Support for disabling `badHost` via `minHostRequests:false` and disabling `badIp` via `minIpRequests:false`

## 3.1.0

- **Feature** Support for disabling `badHost` via `minHostRequests:false` and disabling `badIp` via `minIpRequests:false`

## 3.0.2

- **Fix** `172.*` space added to localhost IP check to support docker

## 3.0.0

- **Feature** Mitigation strategy has shifted to use a lag range (between `minLag` & `maxLag`) which is used to determine at any given time how aggressive throttling should be. Throttling habits are now proportional to the lag/load, and throttling is prioritized based on the worst offenders. This also removes the need for `waitForHistory`, `hostBadActorSplit`, and `ipBadActorSplit`. `minBadActorThreshold` & `maxBadActorThreshold` indicate the min/max range for the requests that will be blocked in proportion to the lag
- **Feature** Shifting strategies to an LRU in combination with `minHostRequests` & `minIpRequests` allows us to begin blocking bad traffic much more quickly (5x improvement at startup with default config), in addition to progressive updates as statistics are calculated in real time and no longer lag behind the giant `historySize` window to detect shifts in traffic patterns
- **Feature** With the addition of `exemptLocalAddress` we will no longer block (by default) or even track localhost requests, which is especially important for healthchecks not failing

## 2.0.1

- **Change** No longer export `ConnectQOS` as `default`, export as itself

## 2.0.0

- **Feature** `hitRatio` has been replaced by `hostBadActorSplit` and `ipBadActorSplit` so that we're throttling the top offenders regardless of whether they hit an arbitrary percentage of traffic
- **Feature** Support for **TypeScript** has modern language features
- **Feature** Support for `waitForHistory` (enabled by default) which prevents `userLag` from being triggered prematurely before we have sufficient evidence/history
- **Feature** Official pre-request bad actor support (such as TLS SNI)
- **Fix** Calling `isBadHost` or `isBadIp` will now update history. This will make for more accurate bad actor detection for scenarios that leverage pre-request tracking (such as TLS SNI) in cases that result in large volumes of pre-middleware rejections
- **Feature** Support for `hostWhitelist` and `ipWhitelist` options if you want to prevent certain hosts or IPs from ever being blocked
- **Feature** Full test suite (that should have been in 1.0!)
- **Security** Only support `x-forwarded-for` header if `behindProxy` set to `true`.

## 1.0.1

- **Fix** `options` was not being adhered to

## 1.0.0

- **Feature** Support for `getMiddleware({ beforeThrottle })`
- **Feature** Support for `req.reason` for throttling

## 0.3.2

- **Fix** `getMiddleware` was not referencing `this` instance

## 0.3.1

- **Fix** Options were not defaulting

## 0.3.0

- **Breaking** `getMiddleware` is now part of the prototype so that instance functions are accessible

## 0.2.0

- Add support for `errorStatusCode` option and expose new methods `isBadHost` and `isBadIp`
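
The 5.0.0 and 5.1.0 entries describe rates scaled by the lag ratio between `minLag` and `maxLag` and enforced over a `maxAge` window. The sketch below is an added example, not connect-qos source, showing what that means for burst tolerance when tuning; the linear interpolation, the fixed-window counter, the lag and rate values, and the `example.com` key are assumptions.

```javascript
// Added illustration, not connect-qos code. Option names come from the
// changelog; the values and the interpolation/window logic are assumptions.
const opts = { minLag: 70, maxLag: 300, minHostRate: 10, maxHostRate: 30, maxAge: 10000 };

// 0 at or below minLag, 1 at or above maxLag, linear in between (assumed).
function lagRatio(lag, { minLag, maxLag }) {
  return Math.min(1, Math.max(0, (lag - minLag) / (maxLag - minLag)));
}

// No lag allows maxRate; full lag tightens the limit to minRate.
function effectiveRate(lag, o, minRate, maxRate) {
  return maxRate - lagRatio(lag, o) * (maxRate - minRate);
}

// 5.1.0: the limit applies over the whole maxAge window, so the budget is
// rate * window seconds, and all of it can be spent in one burst.
function windowBudget(rate, maxAgeMs) {
  return Math.floor(rate * (maxAgeMs / 1000));
}

class WindowLimiter {
  constructor(maxAgeMs) {
    this.maxAgeMs = maxAgeMs;
    this.items = new Map(); // key -> { start, count }
  }
  allow(key, now, rate) {
    let item = this.items.get(key);
    if (!item || now - item.start >= this.maxAgeMs) {
      item = { start: now, count: 0 };
      this.items.set(key, item);
    }
    if (item.count >= windowBudget(rate, this.maxAgeMs)) return false;
    item.count += 1; // blocked requests are not counted
    return true;
  }
}

// Send `requests` hits 1 ms apart to one host and count how many pass.
function simulateBurst(lag, requests, o) {
  const limiter = new WindowLimiter(o.maxAge);
  const rate = effectiveRate(lag, o, o.minHostRate, o.maxHostRate);
  let passed = 0;
  for (let now = 0; now < requests; now++) {
    if (limiter.allow('example.com', now, rate)) passed++;
  }
  return passed;
}
```

With these constructed values, a 500-request burst lets 300 requests through at no lag and 100 at `maxLag`, so the worst-case burst a backend must absorb is the rate multiplied by the `maxAge` window in seconds, not the per-second rate.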