Reactive IP-Blocking in Nodejs, Node application security

Question

I am writing a client-server game in Nodejs, and I want to have a small anti-hacking, anti-cheating layer that can block or throttle detected hack or cheat attempts. The detection method is not part of the question, but once a Bad IP is detected, how can Node block or throttle further connections?

For example, is there a module that wraps the http server in which you can set a blacklist? Or a module that allows interaction with an external firewall program?

My background: New to Node, very much NOT new to JavaScript, PHP, C++, and C.

Answer 1

If you don't mind wrapping your core HTTP instance, you can use ExpressJS and then inject the express-blacklist and express-defend middleware. However, they don't look like they're as commonly used as express-rate-limit.

If you don't need to blacklist and just want to rate limit requests there is express-rate-limit and that is more popular than the two middlewares that I mentioned above.

See the below middleware snippet for express-blacklist and express-defend taken from the above docs.

var expressDefend = require('express-defend');
var blacklist = require('express-blacklist');

app.use(blacklist.blockRequests('blacklist.txt'));
app.use(expressDefend.protect({ 
    maxAttempts: 5, 
    dropSuspiciousRequest: true, 
    logFile: 'suspicious.log', 
    onMaxAttemptsReached: function(ipAddress, url){
        blacklist.addAddress(ipAddress);
    } 
}));