How to limit the amount of requests per IP in Node.js?




I'm trying to think of a way to help minimize harm on my Node.js application if I ever get a DDoS attack. I want to limit requests per IP. I want to limit every IP address to so many requests per second. For example: no IP address can exceed 10 requests every 3 seconds.

So far I have come up with this:

    http.createServer(function(req, res) {
        if (req.connection.remoteAddress ?????? ) {
            // block ip 15 mins
        }
    });

If you want to build this yourself at the app server level, you will have to build a data structure that records each recent access from a particular IP address, so that when a new request arrives you can look back through the history and see if it has been doing too many requests. If so, deny it any further data. And, to keep this data from piling up in your server, you'd also need some sort of cleanup code that gets rid of old access data.

Here's a thought for a way to do that (untested code to illustrate the idea):

    // The middleware at the bottom assumes an Express (or Connect-style) app
    var express = require("express");
    var app = express();

    function AccessLogger(n, t, blockTime) {
        this.qty = n;
        this.time = t;
        this.blockTime = blockTime;
        this.requests = {};
        // schedule cleanup on a regular interval (every 30 minutes)
        this.interval = setInterval(this.age.bind(this), 30 * 60 * 1000);
    }

    AccessLogger.prototype = {
        check: function(ip) {
            var info, accessTimes, now, limit, cnt;

            // add this access
            this.add(ip);

            // should always be an info here because we just added it
            info = this.requests[ip];
            accessTimes = info.accessTimes;

            // calc time limits
            now = Date.now();
            limit = now - this.time;

            // short circuit if already blocking this ip
            if (info.blockUntil >= now) {
                return false;
            }

            // short circuit an access that has not even had max qty accesses yet
            if (accessTimes.length < this.qty) {
                return true;
            }
            cnt = 0;
            for (var i = accessTimes.length - 1; i >= 0; i--) {
                if (accessTimes[i] > limit) {
                    ++cnt;
                } else {
                    // assumes cnts are in time order so no need to look any more
                    break;
                }
            }
            if (cnt > this.qty) {
                // block from now until now + this.blockTime
                info.blockUntil = now + this.blockTime;
                return false;
            } else {
                return true;
            }
        },
        add: function(ip) {
            var info = this.requests[ip];
            if (!info) {
                info = {accessTimes: [], blockUntil: 0};
                this.requests[ip] = info;
            }
            // push this access time into the access array for this ip
            // (push must be called with parentheses; push[...] records nothing)
            info.accessTimes.push(Date.now());
        },
        age: function() {
            // clean up any accesses that have not been here within this.time
            // and are not currently blocked
            var ip, info, accessTimes, now = Date.now(), limit = now - this.time, index;
            for (ip in this.requests) {
                if (this.requests.hasOwnProperty(ip)) {
                    info = this.requests[ip];
                    accessTimes = info.accessTimes;
                    // if not currently blocking this one
                    if (info.blockUntil < now) {
                        // if newest access is older than time limit, then nuke the whole item
                        if (!accessTimes.length || accessTimes[accessTimes.length - 1] < limit) {
                            delete this.requests[ip];
                        } else {
                            // in case an ip is regularly visiting so its recent access is never old
                            // we must age out older access times to keep them from
                            // accumulating forever
                            if (accessTimes.length > (this.qty * 2) && accessTimes[0] < limit) {
                                index = 0;
                                for (var i = 1; i < accessTimes.length; i++) {
                                    if (accessTimes[i] < limit) {
                                        index = i;
                                    } else {
                                        break;
                                    }
                                }
                                // remove index + 1 old access times from the front of the array
                                accessTimes.splice(0, index + 1);
                            }
                        }
                    }
                }
            }
        }
    };

    var accesses = new AccessLogger(10, 3000, 15000);

    // set this as one of the first middleware so it acts
    // before other middleware spends time processing the request
    app.use(function(req, res, next) {
        if (!accesses.check(req.connection.remoteAddress)) {
            // cancel the request here
            res.end("no info you!");
        } else {
            next();
        }
    });

This method has the usual limitations around IP address monitoring. If multiple users are sharing an IP address behind NAT, this will treat them all as one single user and they may get blocked due to their combined activity, not because of the activity of one single user.

But, as others have said, by the time the request gets this far into your server, some of the DoS harm has already been done (it's already taking cycles from your server). It might help to cut off the request before doing more expensive operations such as database operations, but it is even better to detect and block this at a higher level (such as Nginx or a firewall or load balancer).
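A variant of the approach above, as an added example that is not the answer author's code and goes beyond it: it prunes old timestamps on every check instead of on a 30-minute timer, stops recording while an address is blocked, and caps the number of tracked addresses so the limiter's own table stays bounded under a flood from many addresses. `createLimiter`, its option names and the `maxIps` cap are assumptions of this example.

```javascript
// Added example, not the answer's code. createLimiter and its option names are hypothetical.
function createLimiter(opts) {
    var qty = opts.qty;                    // max requests allowed per window
    var windowMs = opts.windowMs;          // window length in ms
    var blockMs = opts.blockMs;            // how long an offender stays blocked
    var maxIps = opts.maxIps || 10000;     // assumed cap on tracked addresses
    var now = opts.now || Date.now;        // injectable clock so behaviour can be tested
    var entries = new Map();               // ip -> { times: [...], blockUntil: ms }

    function check(ip) {
        var t = now();
        var e = entries.get(ip) || { times: [], blockUntil: 0 };

        // Re-insert so Map order is least-recently-seen first, then enforce the cap.
        entries.delete(ip);
        entries.set(ip, e);
        if (entries.size > maxIps) {
            // Trade-off: eviction can drop a block early, but memory stays bounded.
            entries.delete(entries.keys().next().value);
        }

        // While blocked, reject without recording anything more for this address.
        if (e.blockUntil > t) {
            return false;
        }

        // Prune timestamps that have left the window, then record this request.
        while (e.times.length && e.times[0] <= t - windowMs) {
            e.times.shift();
        }
        e.times.push(t);

        if (e.times.length > qty) {
            e.blockUntil = t + blockMs;
            e.times.length = 0;
            return false;
        }
        return true;
    }

    return { check: check, size: function () { return entries.size; } };
}

// Same limits as the answer: 10 requests per 3 seconds, 15 second block.
var limiter = createLimiter({ qty: 10, windowMs: 3000, blockMs: 15000 });
```

In middleware, `limiter.check(req.connection.remoteAddress)` takes the place of `accesses.check(...)`; per-address memory is at most `qty + 1` timestamps.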
