Today i found one particular IP address which was trying a lot of things in my server.

For a second, it was sending atleast 50 requests.
It was keep on accessing my admin login page with post and get request
That IP tried proxy GET http://...
It tried to inject something in the script with -d parameter.

i added "limit_req_zone $binary_remote_addr zone=app:10m rate=2r/s; " in http block and
location / {
limit_req zone=app burst=50;
}

I believe it will block too many connections per second from a ip.
How do i secure the server from other attacks?

Thanks