Security News
Crates.io Implements Trusted Publishing Support
Crates.io adds Trusted Publishing support, enabling secure GitHub Actions-based crate releases without long-lived API tokens.
By Sarah Gooding - Jul 16, 2025
You're Invited:Meet the Socket Team at BlackHat and DEF CON in Las Vegas, Aug 4-6.RSVP →
api-security-gateway
Advanced tools
api-security-gateway
A security gateway for APIs with rate limiting, IP whitelisting, and injection prevention.
api-security-gateway
A security gateway for APIs with features such as rate limiting, IP whitelisting, and injection prevention. This library helps you secure your APIs by controlling access and preventing common attack vectors.
Features
- Rate Limiting: Control the number of requests a user can make within a specified timeframe.
- IP Whitelisting/Blacklisting: Allow or deny requests based on IP addresses.
- Injection Prevention: Sanitize inputs to prevent SQL injection, XSS, and other injection attacks.
Installation
You can install the library using npm:
npm install api-security-gateway
A security gateway for APIs with features such as rate limiting, IP whitelisting, and injection prevention. This library helps you secure your APIs by controlling access and preventing common attack vectors.
## Features
- **Rate Limiting**: Control the number of requests a user can make within a specified timeframe.
- **IP Whitelisting/Blacklisting**: Allow or deny requests based on IP addresses.
- **Injection Prevention**: Sanitize inputs to prevent SQL injection, XSS, and other injection attacks.
## Installation
```bash
git clone https://github.com/yourusername/api-security-gateway.git
cd api-security-gateway
npm install
Using with Express
Here's an example of how to use the api-security-gateway library in an Express application:
const express = require("express");
const apiSecurityGateway = require("api-security-gateway");
const app = express();
app.use(express.json());
const securityOptions = {
rateLimit: {
maxRequests: 100,
windowMs: 15 * 60 * 1000, // 15 minutes
},
ipFilter: {
whitelist: ["127.0.0.1"],
blacklist: ["192.168.1.1"],
},
};
const securityGateway = apiSecurityGateway(securityOptions);
app.use((req, res, next) => {
const requestInfo = {
ip: req.ip,
body: req.body,
query: req.query,
params: req.params,
};
const result = securityGateway(requestInfo);
if (result.status === 200) {
next();
} else {
res.status(result.status).json({ message: result.message });
}
});
app.get("/secure-endpoint", (req, res) => {
res.send("This is a secure endpoint");
});
app.listen(3000, () => {
console.log("Server running on port 3000");
});
License
This project is licensed under the MIT License - see the LICENSE file for details.
FAQs
A security gateway for APIs with rate limiting, IP whitelisting, and injection prevention.
We found that api-security-gateway demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 0 open source maintainers collaborating on the project.
Package last updated on 09 Jul 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
/Security News
Tracking Protestware Spread: 28 npm Packages Affected by Payload Targeting Russian-Language Users
Undocumented protestware found in 28 npm packages disrupts UI for Russian-language users visiting Russian and Belarusian domains.
By Olivia Brown - Jul 15, 2025
Research
/Security News
Contagious Interview Campaign Escalates With 67 Malicious npm Packages and New Malware Loader
North Korean threat actors deploy 67 malicious npm packages using the newly discovered XORIndex malware loader.
By Kirill Boychenko - Jul 14, 2025