This plugin provides route-based rate limiting to prevent abuse of your endpoints. Under the hood it uses HTTP-based Upstash Redis rate limiting.
The rate-limiting data is stored in a Redis database. You can set a strategy to define which algorithms and which rates to use per endpoint. You can also enable logging, to see the
npm install --save @upstash/strapi-plugin-upstash-ratelimit
yarn add @upstash/strapi-plugin-upstash-ratelimit
Create a new Redis database on Upstash Console. See docs for further info related to creating a database.
Get the environment variables from Upstash Console, and set them in the .env file as below:
UPSTASH_REDIS_REST_TOKEN="<YOUR_TOKEN>"
UPSTASH_REDIS_REST_URL="<YOUR_URL>"
In the ./config/plugins.ts file, set the configuration for the rate limiter.
    export default () => ({
      "strapi-plugin-upstash-ratelimit": {
        enabled: true,
        config: {
          // Upstash Redis REST credentials, read from .env
          token: process.env.UPSTASH_REDIS_REST_TOKEN,
          url: process.env.UPSTASH_REDIS_REST_URL,
          strategy: [
            {
              methods: ["GET", "POST"],
              path: "*",
              // 10 requests per 20-second fixed window
              limiter: {
                algorithm: "fixed-window",
                tokens: 10,
                window: "20s",
              },
            },
          ],
          prefix: "@strapi",
        },
      },
    });
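What the `fixed-window` setting with `tokens: 10` and `window: "20s"` permits around a window boundary, shown with an in-memory model next to a weighted sliding-window counter for comparison. This is an added example, not code from the plugin or from Upstash; the function names, the sliding-window approximation and the request timestamps are constructed for illustration.

```typescript
// Illustrative in-memory model only; the plugin keeps its counters in Redis.
type Limiter = (nowMs: number) => boolean; // true = request allowed

// Fixed window: one counter per aligned window, reset at every boundary.
function fixedWindow(tokens: number, windowMs: number): Limiter {
  let windowId = -1;
  let count = 0;
  return (nowMs) => {
    const id = Math.floor(nowMs / windowMs);
    if (id !== windowId) { windowId = id; count = 0; }
    if (count >= tokens) return false;
    count++;
    return true;
  };
}

// Sliding window (weighted approximation, an assumption of this example):
// the previous window's count is scaled by how much of it still overlaps.
function slidingWindow(tokens: number, windowMs: number): Limiter {
  let windowId = -1;
  let current = 0;
  let previous = 0;
  return (nowMs) => {
    const id = Math.floor(nowMs / windowMs);
    if (id !== windowId) {
      previous = id === windowId + 1 ? current : 0;
      current = 0;
      windowId = id;
    }
    const elapsed = (nowMs % windowMs) / windowMs;
    if (previous * (1 - elapsed) + current >= tokens) return false;
    current++;
    return true;
  };
}

// Count how many of the given request timestamps a limiter lets through.
function allowedCount(limiter: Limiter, timestampsMs: number[]): number {
  return timestampsMs.filter((t) => limiter(t)).length;
}

// Constructed traffic: 10 requests just before the 20 s boundary, 10 just after.
function boundaryBurst(): number[] {
  const burst = (startMs: number) => Array.from({ length: 10 }, (_, i) => startMs + i * 10);
  return [...burst(19000), ...burst(20000)];
}

const TOKENS = 10;       // tokens: 10
const WINDOW_MS = 20000; // window: "20s"
const fixedAllowed = allowedCount(fixedWindow(TOKENS, WINDOW_MS), boundaryBurst());
const slidingAllowed = allowedCount(slidingWindow(TOKENS, WINDOW_MS), boundaryBurst());
```

With this traffic the fixed window admits all 20 requests within about 1.1 seconds, so size `tokens` for an endpoint on the basis that up to twice that number can arrive around a boundary.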
See the documentation for more details about this package.
See the