Skip to content

Commit 67ffeb0

Browse files
GuroGuro
committed
Increase rate limits across server endpoints
Raise request limits to better accommodate legitimate traffic patterns: - Splash page: 50 -> 200 req/min - Auth endpoints: 20 -> 200 req/min - Static assets (auth & mcp): 100 -> 500 req/min - OAuth metadata: 100 -> 300 req/5s - Client registration: 10 -> 60 req/min
1 parent 43f1f61 commit 67ffeb0

3 files changed

Lines changed: 6 additions & 6 deletions

File tree

src/index.ts

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -192,7 +192,7 @@ async function main() {
192192
// Rate limiter for splash page (moderate limit)
193193
const splashPageLimiter = rateLimit({
194194
windowMs: 60 * 1000, // 1 minute
195-
max: 50, // 50 requests per minute
195+
max: 200, // 200 requests per minute
196196
message: 'Too many requests to splash page',
197197
standardHeaders: true,
198198
legacyHeaders: false,

src/modules/auth/index.ts

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -77,15 +77,15 @@ export class AuthModule {
7777
// Rate limiters for different route types
7878
const authLimiter = rateLimit({
7979
windowMs: 60 * 1000, // 1 minute
80-
max: 20, // 20 requests per minute for auth endpoints
80+
max: 200, // 200 requests per minute for auth endpoints
8181
message: 'Too many authentication attempts',
8282
standardHeaders: true,
8383
legacyHeaders: false,
8484
});
8585

8686
const staticAssetLimiter = rateLimit({
8787
windowMs: 60 * 1000, // 1 minute
88-
max: 100, // 100 requests per minute for static assets
88+
max: 500, // 500 requests per minute for static assets
8989
message: 'Too many requests for static assets',
9090
standardHeaders: true,
9191
legacyHeaders: false,
@@ -96,10 +96,10 @@ export class AuthModule {
9696
provider: this.provider,
9797
issuerUrl: new URL(this.config.authServerUrl || this.config.baseUri),
9898
tokenOptions: {
99-
rateLimit: { windowMs: 5000, limit: 100 }
99+
rateLimit: { windowMs: 5000, limit: 300 } // 300 requests per 5 seconds
100100
},
101101
clientRegistrationOptions: {
102-
rateLimit: { windowMs: 60000, limit: 10 }
102+
rateLimit: { windowMs: 60000, limit: 60 } // 60 requests per minute
103103
}
104104
}));
105105

src/modules/mcp/index.ts

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -51,7 +51,7 @@ export class MCPModule {
5151
// Rate limiter for static assets
5252
const staticAssetLimiter = rateLimit({
5353
windowMs: 60 * 1000, // 1 minute
54-
max: 100, // 100 requests per minute for static assets
54+
max: 500, // 500 requests per minute for static assets
5555
message: 'Too many requests for static assets',
5656
standardHeaders: true,
5757
legacyHeaders: false,

0 commit comments

Comments
 (0)