WebApiThrottle - ASP.NET Web API rate limiter for IIS and Owin hosting

  •        99

ASP.NET Web API Throttling handler, OWIN middleware and filter are designed to control the rate of requests that clients can make to a Web API based on IP address, client API key and request route. WebApiThrottle package is available on NuGet at nuget.org/packages/WebApiThrottle.Web API throttling can be configured using the built-in ThrottlePolicy. You can set multiple limits for different scenarios like allowing an IP or Client to make a maximum number of calls per second, per minute, per hour per day or even per week. You can define these limits to address all requests made to an API or you can scope the limits to each API route.

https://github.com/stefanprodan/WebApiThrottle

Tags
Implementation
License
Platform

   




Related Projects

AspNetCoreRateLimit - ASP.NET Core rate limiting middleware

  •    CSharp

AspNetCoreRateLimit is an ASP.NET Core rate limiting solution designed to control the rate of requests that clients can make to a Web API or MVC app based on IP address or client ID. The AspNetCoreRateLimit package contains an IpRateLimitMiddleware and a ClientRateLimitMiddleware, with each middleware you can set multiple limits for different scenarios like allowing an IP or Client to make a maximum number of calls in a time interval like per second, 15 minutes, etc. You can define these limits to address all requests made to an API or you can scope the limits to each API URL or HTTP verb and path.

bottleneck - Task scheduler and rate limiter

  •    Javascript

Bottleneck is a lightweight and efficient Task Scheduler and Rate Limiter for Node.js and the browser. When dealing with services with limited resources, it's important to ensure that they don't become overloaded.Bottleneck is an easy solution as it does not add much complexity to your code.

node-rate-limiter - A generic rate limiter for node

  •    Javascript

Provides a generic rate limiter for node.js. Useful for API clients, web crawling, or other tasks that need to be throttled. Two classes are exposed, RateLimiter and TokenBucket. TokenBucket provides a lower level interface to rate limiting with a configurable burst rate and drip rate. RateLimiter sits on top of the token bucket and adds a restriction on the maximum number of tokens that can be removed each interval to comply with common API restrictions like "150 requests per hour maximum". A synchronous method, tryRemoveTokens(), is available in both RateLimiter and TokenBucket. This will return immediately with a boolean value indicating if the token removal was successful.

express-rate-limit - Basic rate-limiting middleware for express

  •    Javascript

Basic rate-limiting middleware for Express. Use to limit repeated requests to public APIs and/or endpoints such as password reset. Note: this module does not share state with other processes/servers by default. If you need a more robust solution, I recommend using an addon store or trying out one of the excelent competing options.

api-throttling - Rack Middleware to impose a rate limit on a web service (aka API Throttling)

  •    Ruby

Rack Middleware to impose a rate limit on a web service (aka API Throttling)


redis-throttle - Rack middleware for rate-limiting incoming HTTP requests configured to be used with Redis

  •    Ruby

This is a fork of the Rack Throttle middleware that provides logic for rate-limiting incoming HTTP requests to Rack applications using Redis as storage system. You can use Rack::RedisThrottle with any Ruby web framework based on Rack, including Ruby on Rails 3.0 and Sinatra. This gem was designed to experiment rate limit with Rails 3.x and Doorkeeper. Redis Throttle Middleware come to life thanks to the work I've made in Lelylan, an open source microservices architecture for the Internet of Things. If this project helped you in any way, think about giving us a star on Github.

rack-throttle - Rack middleware for rate-limiting incoming HTTP requests.

  •    Ruby

Rack middleware for rate-limiting incoming HTTP requests.

express-brute - Brute-force protection middleware for express routes by rate limiting incoming requests

  •    Javascript

A brute-force protection middleware for express routes that rate-limits incoming requests, increasing the delay with each request in a fibonacci-like sequence. An in-memory store for persisting request counts. Don't use this in production, instead choose one of the more robust store implementations listed below.

Kong - The Microservice API Gateway

  •    Lua

Kong is a cloud-native, fast, scalable, and distributed Microservice Abstraction Layer (also known as an API Gateway, API Middleware or in some cases Service Mesh). Backed by the battle-tested NGINX with a focus on high performance, Kong was made available as an open-source platform in 2015. Under active development, Kong is used in production at thousands of organizations from startups, Global 5000 and Government organizations.

redis-cell - A Redis module that provides rate limiting in Redis as a single command.

  •    Rust

A Redis module that provides rate limiting in Redis as a single command. Implements the fairly sophisticated generic cell rate algorithm (GCRA) which provides a rolling time window and doesn't depend on a background drip process. The primitives exposed by Redis are perfect for doing work around rate limiting, but because it's not built in, it's very common for companies and organizations to implement their own rate limiting logic on top of Redis using a mixture of basic commands and Lua scripts (I've seen this at both Heroku and Stripe for example). This can often result in naive implementations that take a few tries to get right. The directive of redis-cell is to provide a language-agnostic rate limiter that's easily pluggable into many cloud architectures.

express-limiter - Rate limiting middleware for Express

  •    Javascript

rate limiter middleware for express applications

express-paginate - Paginate middleware

  •    Javascript

Node.js pagination middleware and view helpers. v0.2.0+: As of v0.2.0, we now allow you to pass ?limit=0 to get infinite (all) results. This may impose security or performance issues for your application, so we suggest you to write a quick middleware fix such as the one below, or use rate limiting middleware to prevent abuse.

throttled - Package throttled implements rate limiting access to resources such as HTTP endpoints.

  •    Go

Package throttled implements rate limiting using the generic cell rate algorithm to limit access to resources such as HTTP endpoints. See throttled/gcra for a list of other projects related to rate limiting and GCRA.

rack-attack - Rack middleware for blocking & throttling

  •    Ruby

Rack::Attack is a rack middleware to protect your web app from bad clients. It allows safelisting, blocklisting, throttling, and tracking based on arbitrary properties of the request. Throttle and fail2ban state is stored in a configurable cache (e.g. Rails.cache), presumably backed by memcached or redis (at least gem v3.0.0).

flask-limiter - rate limiting extension for flask applications

  •    Python

Flask-Limiter provides rate limiting features to flask routes. It has support for a configurable backend for storage with current implementations for in-memory, redis and memcache. Add the rate limiter to your flask app. The following example uses the default in memory implementation for storage.

requests-respectful - Minimalist Requests wrapper to work within rate limits of any amount of services simultaneously

  •    Python

If you know Python, you know Requests. Requests is love. Requests is life. Depending on your use cases, you may come across scenarios where you need to use Requests a lot. Services you consume may have rate-limiting policies in place or you may just happen to be in a good mood and feel like being a good Netizen. This is where requests-respectful can come in handy. The library auto-detects the presence of a YAML file named requests-respectful.config.yml at the root of your project and will attempt to load configuration values from it.

AspNetKatana - Microsoft's OWIN implementation, the Katana project

  •    CSharp

Katana is a flexible set of components for building and hosting OWIN-based web applications on .NET Framework.This repo is the home for the Katana host, server, and middleware source code and documentation. Official releases of Katana components (including prerelease versions) can be found on https://nuget.org.

limiter - limiter

  •    Ruby

Rack middleware for rate-limiting incoming HTTP requests with black_list and white_list support.

light-4j - A fast, lightweight and more productive microservices framework

  •    Java

Light 4j is a fast, lightweight and cloud native microservices framework. Light means lightweight, lighting fast and shed light on how to program with modern Java SE. It is 44 times faster than the most popular microservices platform Spring Boot embedded Tomcat and use only 1/5 of memory.

django-ratelimit - Cache-based rate-limiting for Django

  •    Python

Cache-based rate-limiting for Django