
I need to detect bots that act as authenticated users and saturate the database's available connections by sending repetitive requests. I am wondering whether it is possible to stop them using nginx directives?

The idea is to set up some rules in the nginx configuration so that IPs that connect more than a certain number of times in a time frame (say 30 times per minute) are automatically denied.

alfish

1 Answer


There's a module for that! The HttpLimitReqModule. The module documentation has a decent example that's enough to get you started. There are some pretty serious limitations with IP-based rate limiting though -- CGN and some sorts of forced proxies make multiple users come from the same IP address, and other sorts of forced proxies make one user come from multiple IP addresses. Then you've got the fun and games of rate-limiting across a load-balanced cluster... but if you're happy to deal with those tradeoffs, the nginx module does do exactly what it says on the tin.

womble
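The configuration below is an added illustration of the module the answer points to (ngx_http_limit_req_module); it is not from the answer's author or from the nginx documentation. It applies the question's threshold of 30 requests per minute per IP and adds a second zone keyed on a session cookie, so that the shared-IP problem the answer raises (CGN, forced proxies) does not lump every user behind one address into a single bucket. The server name, upstream name and cookie name `sid` are assumptions.

```nginx
# Added example (not part of the original answer): nginx request rate
# limiting with ngx_http_limit_req_module. Hostnames, upstream and the
# cookie name are assumptions chosen for illustration.

http {
    # Zone keyed on the client IP. 10 MB of shared memory holds on the
    # order of 160k IPv4 states. rate=30r/m is the question's threshold.
    limit_req_zone $binary_remote_addr zone=per_ip:10m rate=30r/m;

    # Second zone keyed on the session cookie (name "sid" is assumed),
    # so authenticated users behind carrier-grade NAT are limited
    # individually rather than as one IP. Requests with an empty key
    # ($cookie_sid unset) are not accounted in this zone, so anonymous
    # traffic is still covered by per_ip above.
    limit_req_zone $cookie_sid zone=per_session:10m rate=30r/m;

    # Log rejected requests at "warn" so log monitoring can pick them
    # up (delayed requests are logged one level lower, at "notice").
    limit_req_log_level warn;

    # Answer rate-limited requests with 429 instead of the default 503,
    # so they are distinguishable from genuine backend outages.
    limit_req_status 429;

    server {
        listen 80;
        server_name example.com;          # assumption

        location / {
            # burst=10 allows a short spike above the steady rate and
            # nodelay serves those requests immediately; anything beyond
            # the burst is rejected with the status above.
            limit_req zone=per_ip      burst=10 nodelay;
            limit_req zone=per_session burst=10 nodelay;

            proxy_pass http://app_backend;   # assumption
        }
    }
}
```

Check the syntax with `nginx -t` before reloading. Rejections show up in the error log as "limiting requests, excess: ... by zone" lines, which is the signal to alert on when looking for the repetitive clients described in the question. As the answer notes, each nginx instance keeps its own zone, so in a load-balanced cluster the effective limit is the per-node rate multiplied by the number of nodes a client can reach.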