Skip to content Skip to sidebar Skip to footer
Home / Ddp / Javascript / Meteor / Security

Meteor: Limiting Ddp Connections With Ddp-rate-limiter Package

Post a Comment
I am trying to prevent a user to be able to call a Meteor method too often with the Meteor package ddp-rate-limiter (For example to prevent spamming or a DOS attack), but I can not

Solution 1:

My mistake is simple: It is not 'method': 'dosAttack' but 'name': 'dosAttack'. Seems like the example in the documentation MeteorDoc DDPRateLimiter does the same mistake. I created an issue on the meteor GitHub page

Solution 2:

Rate limiting is now offered as a vendor-supported Meteor package. I've recently used it to create Meteor Candy, the admin panel for Meteor. Here's how I did it.

First, add the package:

meteor add ddp-rate-limiter.

Second, define the method:

Meteor.methods({
    myFancyMethod: function () {
        returntrue;
    }
})

Finally, define the rate limiting rules for it:

import { DDPRateLimiter } from 'meteor/ddp-rate-limiter';

var requestLimit = 5;
var requestTimeout = 5000;

DDPRateLimiter.addRule({
    type: "method",
    name: "myFancyMethod",
}, requestLimit, requestTimeout);

Post a Comment for "Meteor: Limiting Ddp Connections With Ddp-rate-limiter Package"