# Rate Limiting in Express.js

- ID: javascript-express-rate-limiting
- Severity: MEDIUM
- Languages: JavaScript, TypeScript
- Frameworks: express, nodejs, fastify

## Description

Detects missing rate limiting on authentication and API endpoints to prevent brute force and DoS attacks.

## Detection Message

{method} {route} has no rate limiting protection

## Remediation

Add rate limiting middleware to protect this endpoint.
Example: app.use(rateLimit({ windowMs: 15 * 60 * 1000, max: 100 }));

## Documentation

[object Object]

## Related Rules

- **Docker Build Optimization and Best Practices** [LOW]: 
- **Docker Compose Obsolete Version Field** [LOW]: 
- **Docker File Operations Best Practices** [LOW]: 
- **Invalid Port Number in EXPOSE** [ERROR]: 
- **Multiple ENTRYPOINT Instructions** [MEDIUM]: