Skip to content
Light NodeJS rate limiting and response delaying using Redis - including Express middleware.
Branch: master
Clone or download
Latest commit 94d71a5 Oct 31, 2019
Type Name Latest commit message Commit time
Failed to load latest commit information.
.circleci Update config.yml Nov 17, 2018
docs v5.1.0 - Added the exclude IP array option Oct 31, 2019
lib v5.1.0 - Added the exclude IP array option Oct 31, 2019
test Update unit tests to handle 5.1.0 update Oct 31, 2019
.gitignore meh Dec 10, 2018
LICENSE Change to MIT license Apr 19, 2019 Removed old README Oct 31, 2019
icon.png icon Mar 1, 2019
package-lock.json fixed tests Oct 4, 2019


NodeJS rate limiting and response delaying using Redis - includes Express middleware.

Official Documentation (

Limitrr assists with the rate-limiting and "delaying of responses" for various routes within your NodeJS application. Unlike other similar packages, this utility allows the user to limit not only by the number of requests but also the number of completed actions (e.g allowing a certain amount of accounts to be successfully created within a timespan) and have such restricted with custom options. As well as this, custom discriminators are possible - you no longer have to limit by just the user's IP. Limitrr can also delay responses after a certain amount of requests have been made - you don't have to just rate-limit potentially malicious requests, you can delay them instead or as well as. Included also within this package are various middleware functions for Express. However, the core functions work perfectly fine if you're not using such a package and chose to do something else, instead.

I've effectively released a similiar limitrr library, but in PHP. Check it out here

If you appreciate this project, please 🌟 it on GitHub.

Pull Requests are welcomed


  • Create multiple route limits (separate expiry times e.t.c) without having to initialize the Limitrr class multiple times
  • Return headers to user with rate limiting details - how many requests/actions remain before restrictions are put in place, how long before the values expire and how many requests/actions are allowed per that route.
  • Unit Tests
  • Pass parameters into functions via an object
  • Ability to slow down responses after a certain amount of requests
  • Extend options further to allow things like IP exclusion (asides from just local).


Access the documentation here:


This project exists thanks to all the people who contribute.


FOSSA Status

You can’t perform that action at this time.