Neat trick: tail -f /var/log/nginx/access.log | grep ' 429 ' Watch and see if any IP is spamming you, then `ufw insert 1 deny from <ip>`