Neat trick:

tail -f /var/log/nginx/access.log | grep ' 429 '

Watch and see if any IP is spamming you, then `ufw insert 1 deny from <ip>`