The next combination (--seconds 1 --hitcount 20) allow a max of 20 qps.
The fact is that the
hitcount does not allow to use a number upper than 20. An I’m looking for some rules which allow me to rate limit over 200 or 300 qps.
And a cannot find it!!
As you can see, I’m only logging to a file these queries up to 20 per second, after that I’m using fail2band to block these logged queries. Someone
knows a better way to block queries upper to 300 per second.
I’m losing a lot of time. Rate limiting to prevent DDos is killing my brain. :-)