Learn Pain Less

HomeOur TeamContact
Codeigniter 4
How Throttler and Rate limiting work in codeigniter 4
Pawneshwer Gupta
Pawneshwer Gupta
July 18, 2020
1 min
How Throttler and Rate limiting work in codeigniter 4

How Throttler and Rate limiting work in codeigniter 4

Throttler

Throttler is used to limit some actions for number of times for given time period.

for example, if you want to limit login attempt for 4 times in 1 minute, then you can use Throttler. And you don’t need to write any logic to handle this. Throttler will do this internally.

this is how my LoginController will look like if i want to achieve this:

<?php namespace App\Controllers;
class LoginController extends BaseController
{
public function index()
{
return view('welcome_message');
}
//--------------------------------------------------------------------
//this will be a post method sent from login form.
public function doLogin()
{
$throttler = \Config\Services::throttler();
$allowed = $throttler->check('login', 4, MINUTE);
if($allowed) {
//do your login process
}
else {
//return error or do nothing according to your need.
}
}
}

And this will limit users to login 4 times in a minute.

Explaination:

$throttler->check('login', 4, MINUTE); in this function

  • login is identifier or you can say key.
  • 4 is limit (how much operation we want to perform)
  • MINUTE is constant in CI4 which is equivalent to 60, and here 60 is seconds. So instead of MINUTE you can pass 60 or 45.

Rate Limiting

Throttler class does not provide system wide functionality to handle rate limiting, but we can achieve this by using Filters in Codeigniter 4. I have explained everything in this video. So checkit out to understand about Controller filters in Codeigniter 4.

Filters in Codeigniter 4

Controller filters in Codeigniter 4

So we will restrict requests from same IP to allow 1 request per 1 second. For this first of all create Filter. I will name my filter as IPThrottler. so create new file named IPThrottler.php in app/Filters directory of your Codeigniter 4 project.

Code of IPThrottler.php

After creating filter class we have to create an aliases for our newly created filter. Open /app/Config/Filters.php file and declare aliase like below

public $aliases = [
...
'ip_throttle' => \App\Filters\IPThrottler::class,
];
public $globals = [
'before' => [
...
'ip_throttle'
],
'after' => [
...
],
];
public $methods = [
'post' => ['CSRF', 'ip_throttle']
];

After doing above chnages now try to open any page of your Codeigniter 4 project and reload page again and again and you will notice that you will get error after reloading 4 times.

Subscribe to our newsletter!

We'll send you the best of our blog just once a month. We promise.

Tags

PHPRate limitingThrottlersecurityfeatured

Share


Pawneshwer Gupta

Pawneshwer Gupta

Software Developer

Pawneshwer Gupta works as a software engineer who is enthusiastic in creating efficient and innovative software solutions.

Expertise

Python
Flutter
Laravel
NodeJS

Social Media

Related Posts

How to use Honeypot to prevent from robots in Codeigniter 4 | Security Feature
How to use Honeypot to prevent from robots in Codeigniter 4 | Security Feature
June 15, 2020
1 min
How to test Socket io with Postman
Postman
How to test Socket io with Postman
July 30, 2021
2 min
Why we have to think about state in flutter (Beginner's question)
Flutter
Why we have to think about state in flutter (Beginner's question)
August 08, 2020
2 min
Learn Pain Less  © 2024, All Rights Reserved.
Crafted with by Prolong Services

Quick Links

Advertise with usAbout UsContact Us

Social Media