Configuration Options
Complete reference for all hitlimit configuration options.
Basic Options
| Option | Type | Default | Description |
|---|---|---|---|
limit | number | 100 | Maximum requests per window |
window | string | number | '1m' | Time window (e.g., '1m', '1h', '1d') |
key | function | req.ip | Function to extract rate limit key |
store | Store | memoryStore() | Storage backend |
Advanced Options
| Option | Type | Default | Description |
|---|---|---|---|
skip | function | undefined | Skip rate limiting for certain requests |
headers | boolean | true | Include rate limit headers |
statusCode | number | 429 | HTTP status when rate limited |
response | object | function | - | Custom response body |
Full Example
hitlimit({
limit: 100,
window: '1m',
key: (req) => req.headers['x-api-key'] || req.ip,
store: sqliteStore({ path: './limits.db' }),
skip: (req) => req.path === '/health',
headers: true,
statusCode: 429,
response: { error: 'Too many requests' }
})