I have my express server deployed and someone is continuously sending some requests and flooding the server. This flooding makes the server super slow.
2021-12-22T08:32:00.591180+00:00 app[web.1]: GET /socket.io/?EIO=4&transport=polling&t=NtXHCIU 404 0.353 ms - 149
2021-12-22T08:32:01.450407+00:00 heroku[router]: at=info method=GET path="/socket.io/?EIO=4&transport=polling&t=NtXHCbp" host=api-app-name.herokuapp.com request_id=0a0adb5d-f067-4898-972a-fe47cb66e255 fwd="73.223.239.30" dyno=web.1 connect=0ms service=1ms status=404 bytes=504 protocol=https
Above are some logs from the server. I have deployed the server by removing this API which is being been triggered so this is showing 404 but I am still getting requests for this API. The request is coming from some 4-6 IP's. What can be done in a situation like this, so to avoid this unnecessary flooding and stop the overloading.
You need to use express rate limit. Which can help to limit number of requests per IP address for particular time window. https://www.npmjs.com/package/express-rate-limit