Product
Socket for Jira Is Now Available
Socket for Jira lets teams turn alerts into Jira tickets with manual creation, automated ticketing rules, and two-way sync.
By Jeppe Hasseriis - Apr 20, 2026
Launch Week Day 1: Socket for Jira Is Now Available.Learn More →
rate-limit-redis
Advanced tools
rate-limit-redis
rate-limit-redis 
A redis store for the
express-rate-limit
middleware. Also supports redict &
valkey.
Installation
From the npm registry:
# Using npm
> npm install rate-limit-redis
# Using yarn or pnpm
> yarn/pnpm add rate-limit-redis
From Github Releases:
# Using npm
> npm install https://github.com/express-rate-limit/rate-limit-redis/releases/download/v{version}/rate-limit-redis.tgz
# Using yarn or pnpm
> yarn/pnpm add https://github.com/express-rate-limit/rate-limit-redis/releases/download/v{version}/rate-limit-redis.tgz
Replace {version} with the version of the package that you want to use, e.g.:
3.0.0.
Usage
Importing
This library is provided in ESM as well as CJS forms, and works with both Javascript and Typescript projects.
This package requires you to use Node 16 or above and Redis 2.6.12 or above.
Import it in a CommonJS project (type: commonjs or no type field in
package.json) as follows:
const { RedisStore } = require('rate-limit-redis')
Import it in a ESM project (type: module in package.json) as follows:
import { RedisStore } from 'rate-limit-redis'
Examples
To use it with a node-redis client:
import { rateLimit } from 'express-rate-limit'
import { RedisStore } from 'rate-limit-redis'
import { createClient } from 'redis'
// Create a `node-redis` client
const client = createClient({
// ... (see https://github.com/redis/node-redis/blob/master/docs/client-configuration.md)
})
// Then connect to the Redis server
await client.connect()
// Create and use the rate limiter
const limiter = rateLimit({
// Rate limiter configuration
windowMs: 15 * 60 * 1000, // 15 minutes
max: 100, // Limit each IP to 100 requests per `window` (here, per 15 minutes)
standardHeaders: true, // Return rate limit info in the `RateLimit-*` headers
legacyHeaders: false, // Disable the `X-RateLimit-*` headers
// Redis store configuration
store: new RedisStore({
sendCommand: (...args: string[]) => client.sendCommand(args),
}),
})
app.use(limiter)
To use it with a ioredis client:
import { rateLimit } from 'express-rate-limit'
import { RedisStore, type RedisReply } from 'rate-limit-redis'
import RedisClient from 'ioredis'
// Create a `ioredis` client
const client = new RedisClient()
// ... (see https://github.com/luin/ioredis#connect-to-redis)
// Create and use the rate limiter
const limiter = rateLimit({
// Rate limiter configuration
windowMs: 15 * 60 * 1000, // 15 minutes
max: 100, // Limit each IP to 100 requests per `window` (here, per 15 minutes)
standardHeaders: true, // Return rate limit info in the `RateLimit-*` headers
legacyHeaders: false, // Disable the `X-RateLimit-*` headers
// Redis store configuration
store: new RedisStore({
sendCommand: (command: string, ...args: string[]) =>
client.call(command, ...args) as Promise<RedisReply>,
}),
})
app.use(limiter)
Configuration
sendCommand
The function used to send commands to Redis. The function signature is as follows:
;(...args: string[]) => Promise<number> | number
The raw command sending function varies from library to library; some are given below:
| Library | Function |
|---|---|
node-redis | async (...args: string[]) => client.sendCommand(args) |
node-redis (cluster) | See sendCommandCluster below |
ioredis | async (command: string, ...args: string[]) => client.call(command, ...args) |
handy-redis | async (...args: string[]) => client.nodeRedis.sendCommand(args) |
tedis | async (...args: string[]) => client.command(...args) |
redis-fast-driver | async (...args: string[]) => client.rawCallAsync(args) |
yoredis | async (...args: string[]) => (await client.callMany([args]))[0] |
noderis | async (...args: string[]) => client.callRedis(...args) |
sendCommandCluster
In cluster mode, node-redis requires a little extra information to help route
the command to to correct server. This is an alternative to sendCommand that
provides the necessary extra information. The signature is as follows:
({key: string, isReadOnly: boolean, command: string[]}) => Promise<number> | number
Example usage:
import { rateLimit } from 'express-rate-limit'
import { RedisStore, type RedisReply, type } from 'rate-limit-redis'
import { createCluster } from 'redis'
// Create a `node-redis` cluster client
const cluster = new createCluster({
// see https://github.com/redis/node-redis/blob/master/docs/clustering.md
})
// Create and use the rate limiter
const limiter = rateLimit({
// Rate limiter configuration here
// Redis store configuration
store: new RedisStore({
sendCommandCluster: ({
key,
isReadOnly,
command,
}: SendCommandClusterDetails) =>
cluster.sendCommand(key, isReadOnly, command) as Promise<RedisReply>,
}),
})
app.use(limiter)
prefix
The text to prepend to the key in Redict/Redis.
Defaults to rl:.
resetExpiryOnChange
Whether to reset the expiry for a particular key whenever its hit count changes.
Defaults to false.
License
MIT © Wyatt Johnson, Nathan Friedly, Vedant K
Other packages similar to rate-limit-redis
express-rate-limit
The express-rate-limit package is a middleware for rate limiting in Express applications. It does not include a built-in store for Redis, but it can be extended with custom stores like rate-limit-redis. It is a good choice if you need a simple rate limiting solution without a specific storage backend.
rate-limiter-flexible
The rate-limiter-flexible package is a highly flexible rate limiting library that supports various backends including Redis, MongoDB, and in-memory storage. It offers more advanced features and customization options compared to rate-limit-redis, making it suitable for complex rate limiting requirements.
redis-rate-limiter
The redis-rate-limiter package is a Redis-based rate limiter that can be used with any Node.js application. It provides a simple API for rate limiting and is not tied to Express, making it a versatile choice for different types of applications.
FAQs
A Redis store for the `express-rate-limit` middleware
The npm package rate-limit-redis receives a total of 694,419 weekly downloads. As such, rate-limit-redis popularity was classified as popular.
We found that rate-limit-redis demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Package last updated on 30 Nov 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Company News
Socket Named Top Sales Organization by RepVue
Socket won two 2026 Reppy Awards from RepVue, ranking in the top 5% of all sales orgs. AE Alexandra Lister shares what it's like to grow a sales career here.
By Sarah Gooding - Apr 17, 2026
Security News
NIST Officially Stops Enriching Most CVEs as Vulnerability Volume Skyrockets
NIST will stop enriching most CVEs under a new risk-based model, narrowing the NVD's scope as vulnerability submissions continue to surge.
By Sarah Gooding - Apr 17, 2026