> sudden surge of requests, existing connections can get enough share of CPU > to be served properly, while excessive connections are rejected
While you can't limit the connections (before the TLS handshake) there is a module to limit the requests per client/ip https://nginx.org/en/docs/http/ngx_http_limit_req_module.html (and with limit_req_status 444; you can effectively close the connection without returning any response). rr _______________________________________________ nginx mailing list nginx@nginx.org https://mailman.nginx.org/mailman/listinfo/nginx
