dkrutsko / express-bouncer Goto Github PK
View Code? Open in Web Editor NEWExpress middleware for mitigating brute-force attacks
License: zlib License
Express middleware for mitigating brute-force attacks
License: zlib License
I implemented the CrowdSec bouncer in MeshCentral using this code and it's wonderful. I did notice that you can make a decision based on a username instead of an IP address, but this bouncer code does not have a getRemediationForUsername() method. Could it be added?
If added, I will implement it right away in MeshCentral.
Thanks,
Ylian
Let's suppose user(userid or ip) can hit a route with 5 valid or invalid attempt. Minimum 25 sec wait & max 25 minute wait. Now i want that after 25 minutes express-bouncer auto reset for this user. so that user can now again hit 5 times on same route. Hope you understand my question. please reply
When I tried to use express-bouncer in two different files I found that the module creates a new instance of the module.
I resolve the issue by my own, Do you want me to share the code?
How can I do this ?
When testing with my express app, open handles are detected due to express-bouncer using setInterval with no way to clean it up.
A close method would resolve the issue.
Hello! Awesome library. There's a status code specifically for this type of error. I do understand why 403 is logical as well and I feel like if someone is brute forcing you may not want to give them any more info. Also, might remove additional info to tip people off into how your bounce scheme is functioning to prevent them from changing IPs.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.