Advanced DDoS protection middleware for Express.js applications with comprehensive security features.
🛡️ DDoS Protection
- Rate limiting
- Burst detection
- Anomaly detection
- Request pattern analysis
🔒 Security Features
- SQL Injection protection
- XSS (Cross-Site Scripting) protection
- Path Traversal detection
- Request size limiting
- HTTP method validation
- IP blocking/allowing
- Request sanitization
📊 Monitoring
- Detailed logging
- Request statistics
- Attack detection metrics
- Real-time monitoring
- Clone the repository:

```bash
git clone https://github.com/queaxtra/dprotection.git
cd dprotection
```

- Install dependencies:

```bash
npm install
# or
bun install
```

- Create the logs directory:

```bash
mkdir logs
```
```
src/
├── protection/
│   ├── interfaces/
│   │   └── types.ts                # Type definitions
│   ├── services/
│   │   └── protection.service.ts   # Core protection logic
│   └── middleware.ts               # Express middleware
└── index.ts                        # Example Express server
```
The protection system is configured through the Guard.config() method:

```typescript
Guard.config({
  routes: {
    '/api': { limit: 50, window: 60000 },  // 50 requests per minute
    '/login': { limit: 10, window: 60000 } // 10 requests per minute
  },
  burst: 10,  // Max burst requests
  time: 1000, // Burst window in ms
  score: 2.5  // Anomaly detection threshold
})
```
- window: Time window for rate limiting (ms)
- limit: Maximum requests per window
- size: Maximum request size in bytes
- methods: Allowed HTTP methods
- rules: Pattern matching rules for attack detection
- blocked: Blocked IP addresses
- allowed: Whitelisted IP addresses
- burst: Maximum burst requests
- time: Burst detection window (ms)
- score: Anomaly detection sensitivity
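To make the routes/burst/time options concrete, here is an added example of a per-route sliding-window rate limiter with burst detection that mirrors the Guard.config() shape above. It is not dprotection's own code: the prefix matching of routes, the in-memory storage and the function names are assumptions made for this illustration.

```typescript
// Added example (not dprotection's own code): per-route sliding-window rate
// limiting plus burst detection, using the README's config shape. Prefix
// matching of routes and the in-memory storage layout are assumptions.
type RouteRule = { limit: number; window: number };
type GuardConfig = { routes: Record<string, RouteRule>; burst: number; time: number };

const cfg: GuardConfig = {
  routes: {
    '/api': { limit: 50, window: 60000 },   // 50 requests per minute
    '/login': { limit: 10, window: 60000 }, // 10 requests per minute
  },
  burst: 10,  // max requests inside one burst window
  time: 1000, // burst window in ms
};

// Timestamps of accepted requests, keyed by "ip route". Rejected requests are
// not recorded, so a client that backs off regains quota as the window slides.
const history = new Map<string, number[]>();

// Longest configured route that equals the path or is a parent segment of it,
// so '/api/users' and '/api/items' share the '/api' counter.
function matchRoute(path: string, routes: Record<string, RouteRule>): string | undefined {
  return Object.keys(routes)
    .filter(r => path === r || path.startsWith(r + '/'))
    .sort((a, b) => b.length - a.length)[0];
}

// Decide one request. `now` (ms) is passed in so the logic runs deterministically offline.
function checkRequest(ip: string, path: string, now: number, c: GuardConfig = cfg): 'ok' | 'rate' | 'burst' {
  const route = matchRoute(path, c.routes);
  if (route === undefined) return 'ok'; // unconfigured route: no limit applied
  const rule = c.routes[route];
  const key = `${ip} ${route}`;
  // Drop timestamps that have left the rate-limit window.
  const stamps = (history.get(key) ?? []).filter(t => now - t < rule.window);
  const inBurst = stamps.filter(t => now - t < c.time).length;
  let verdict: 'ok' | 'rate' | 'burst' = 'ok';
  if (inBurst >= c.burst) verdict = 'burst';      // too many hits inside `time`
  else if (stamps.length >= rule.limit) verdict = 'rate'; // per-window quota exhausted
  if (verdict === 'ok') stamps.push(now);
  history.set(key, stamps);
  return verdict;
}

function resetHistory(): void {
  history.clear();
}
```

Burst is checked before the per-window quota, so a flood that trips both is reported as a burst; sub-paths of a configured route share that route's counter.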
- Basic setup:

```typescript
import express from 'express'
import { secure, protect, limit } from './src/protection/middleware'
import { Guard } from './src/protection/services/protection.service'

const app = express()

// Apply middleware
app.use(express.json({ limit: '10mb' }))
app.use(express.urlencoded({ extended: true }))
app.use(secure)
app.use(limit)
app.use(protect)

// Configure protection
Guard.config({
  routes: {
    '/api': { limit: 50, window: 60000 },
    '/login': { limit: 10, window: 60000 }
  }
})
```

- Start the server:

```bash
bun run index.ts
```
You can test the protection system using curl commands:

- Normal request:

```bash
curl http://localhost:3000/api
```

- Rate limit test:

```bash
for i in {1..20}; do curl http://localhost:3000/api; done
```

- SQL Injection test:

```bash
curl -X POST http://localhost:3000/api -H "Content-Type: application/json" \
  -d '{"query": "SELECT * FROM users; DROP TABLE users;"}'
```

- XSS test:

```bash
curl -X POST http://localhost:3000/api -H "Content-Type: application/json" \
  -d '{"data": "<script>alert(1)</script>"}'
```

- Path Traversal test:

```bash
curl "http://localhost:3000/api?file=../../etc/passwd"
```
- Per-route request limits
- Configurable time windows
- Burst detection
- SQL injection patterns
- XSS attempts
- Path traversal
- Malicious payloads
- Size limits
- Method validation
- Content sanitization
- Header validation
- Request interval analysis
- Pattern recognition
- Entropy calculation
- Statistical analysis
- IP blocking
- Whitelisting
- Automatic ban/unban
Logs are stored in logs/security.log with the following information:
- Timestamp
- Request details
- Attack attempts
- System events
- Performance metrics
```typescript
class Guard {
  // Configure protection settings
  static config(cfg: Partial<Config>): void

  // Get current statistics
  static stats_now(): Stats

  // Check request validity
  static check_request(
    ip: string,
    type: string,
    data: string,
    bytes: number,
    path: string
  ): Promise<boolean>
}
```

```typescript
// Security headers and basic protection
export const secure: Array<RequestHandler>

// Rate limiting
export const limit: RequestHandler

// Main protection middleware
export const protect: RequestHandler
```
- Efficient request processing
- Minimal memory footprint
- Optimized pattern matching
- Smart caching of request data
- Automatic cleanup of old data
- Fork the repository
- Create your feature branch
- Commit your changes
- Push to the branch
- Create a Pull Request
This project is licensed under the MIT License