Express-rate-limit supports external data stores to sychronize hit counts across multiple processes and servers.
By default, the built-in
is used. This one does not synchronize it’s state across instances. It’s simple
to deploy, and often sufficient for basic abuse prevention, but will be
inconnsistent across reboots or in deployments with multiple process or servers.
Deployments requiring more consistently enforced rate limits should use an external store.
Here is a list of known stores:
|(default) Simple in-memory option. Does not share state when app has multiple processes or servers.
|Modern as of v6.0.0
|A memory-store wrapper that shares state across all processes on a single server via the node:cluster module. Does not share state across multiple servers.
|A Redis-backed store, more suitable for large or demanding deployments.
|Modern as of v3.0.0
|A Memcached-backed store.
|Modern as of v1.0.0
|A MongoDB-backed store.
|A memory store similar to the built-in one, except that it stores a distinct timestamp for each key.
|Modern as of v2.0.0
|A PostgreSQL-backed store.
|Modern as of v1.1.0
Take a look at this guide if you wish to create your own store.