Protect your API using a filter for all your users' requests.

Usage no npm install needed!

<script type="module">
  import byespam from '';



With byespam you can protect your websites and API with a high level spam protection.


  • npm i byespam


Before see it in action, you have to learn about options and syntax.

Basic sketch

const byespam = require('byespam')([
    /* all filters you want to apply */	

Inside of the parameter

After having required the package, you have to declare what protections you want to apply, and you can do it by adding them inside of the module constructor parameter. This argument must be an array, since you can actually put how many protections you want.

Example of a protection

{ "max_requests": 5, "protection_timeout": 10000, "effect": "Nope", "path": "/test" }

With this, you are telling library to create a protection on path '/test', saying that user can take at mos 5 requests in 10,000ms (10 seconds)


This variable is used to set how many requests the user could do inside of the timeout range


After how many times can the user continue to making requests after he stops?


This is the consequence that the user sees if the request is blocked.

It can be of three types:

  • object
  • function
  • string

If you use object type, the header 'Content-Type' will be changes into 'application/json' and the object will be sended as a string to the user,

If you use function type, the function will be called with 3 arguments passed in respectively: request, response and IP Address

How to apply the protected routes

It's easy, just do


After declaring byespam and app;

Final & examples

If the user's request go fine, you can set app a routes for this, example:

const byespam = require('byespam')( [  { path: '/', effect: (req, res) => res.render('429'), max_requests: 1, protection_timeout: 4000 }  ] );


app.get('/', (req, res) => res.send('Yep!'));

Obviously you can use the "effect" function to do this as well, but for making the sketch more tidy, you can use routes.