express limit based on ip

JavaScript
const rateLimit = require('express-rate-limit');

const limiter = rateLimit({
  max: 100,
  windowMs: 60 * 60 * 1000,
  message: 'too many requests sent by this ip, please try again in an hour !'
});

app.use('<routes>', limiter);  // eg: app.use('/api', limiter);

Source

Also in JavaScript: