Security Plugins Hub

Bring your software development workflows to security

rate limit

Rate Limiting

Enterprise

Signals & Triggers

On request
If predefined threshold is reached

Actions

  • Block the HTTP request Block the HTTP request
  • Log request stack trace Log request stack trace
  • Log the malicious request Log the malicious request
  • Report an incident Report an incident

Notifications

  • Send an email to all team members Send an email to all team members
  • Send a Slack notification. Send a Slack notification.
  • Create an incident on PagerDuty (coming soon) Create an incident on PagerDuty (coming soon)

Details

This plugin enables you to quickly deploy rate limit in your application. Rate limit consists in limiting the volume of HTTP requests a user or IP can perform in a given period of time (minute, hour, day).

All HTTP verbs are supported (GET, POST, PUT, PATCH and DELETE).

This plugin can enforce a global or a custom rate limit, per application route. For instance, the rate limit can be enforced only on the following app’s routes:

GET /users/sign_in 5 per hour

POST /users/:id/reset_password 2 per day

A 429 - Too many requests header is set in the HTTP response when the rate limit is reached.

Note: you can also apply the rate limit as an action from other plugins.

Advanced details

Each time a request is performed, this plugin reports it back to the Sqreen back end.

When the volume of requests distributed over all your application instances reaches the configured rate limit, the Sqreen librariesn deployed in your application will dynamically enforce the rate limit.

Language support

  • Ruby
  • Node.js
  • PHP
  • Python
  • Java

Data collected by Sqreen

Signals
  • Number of requests per application route
  • IP address
  • User account (Sqreen SDK)

On attack
  • IP address
  • User account (Sqreen SDK)

Built for developers and modern apps

Get up and running in minutes just by installing our lightweight library. Enable plugins in just a couple of clicks.

  • Node.js
  • Ruby
  • PHP
  • Python
  • Java
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9

$ npm install --save sqreen

$ echo '{ "token": "your token" }' > sqreen.json

 

// This should be the first line of your app

require('sqreen');

$ echo "gem 'sqreen'" >> Gemfile

$ bundle install

$ echo "token: your token" > config/sqreen.yml

$ curl -s https://download.sqreen.io/php/install.sh > sqreen-install.sh && bash sqreen-install.sh your token

$ pip install sqreen

$ echo -e "[sqreen]\ntoken: your token" > sqreen.ini

 

# Insert at the top of your app file (typically wsgi.py or app.py)

import sqreen

sqreen.start()

$ curl https://download.sqreen.io/java/sqreen-latest-all.jar -o sqreen.jar

 

// Add JVM startup options:

-javaagent:/path/to/sqreen.jar -Dsqreen.token={{your token}}

Build amazing products. Keep them safe.

3 min installation · Try all features for 14 days · No credit card required Sign up Request demo