> sudden surge of requests, existing connections can get enough share of CPU to be served properly, while excessive connections are rejected
While you can't limit the connections (before the TLS handshake) there is a module to limit the requests per client/ip https://nginx.org/en/docs/http/ngx_http_limit_req_module.html
(and with limit_req_status 444; you can effectively close the connection without returning any response).
rr
_______________________________________________
nginx mailing list
nginx@nginx.org
https://mailman.nginx.org/mailman/listinfo/nginx