I need to detect bots that act as authenticated users and saturate database's available connections by sending repetitive requests. I am wondering whether it is possible to stop dummy them using nginx directives?
The idea is that set up some rules in nginx configuartion so that IPS that connect more than certain numbers in a time frame (say 30 times per minute) be automatically denied.