Custom nginx config with limits set

Hello. Can you tell me how to set limits?

nano /etc/nginx/nginx.conf

http {
    ...
    # Limit
    limit_zone slimits $binary_remote_addr 5m;
    limit_conn slimits 3;
    # Limit per single IP
    limit_conn_zone $binary_remote_addr zone=perip:10m;
    # Limit per server IP
    limit_conn_zone $server_name zone=perserver:10m;

    # (1)
    limit_req_zone $request_uri zone=one:10m rate=30r/m;
    # (2)
    limit_req_zone $binary_remote_addr zone=two:10m rate=5r/s;
    # (3)
    limit_req_zone $limit_key zone=three:10m rate=30r/m;

nano /usr/local/hestia/data/templates/web/nginx/default-custom.tpl

    location / {
        ...
        # Limit per single IP
        limit_conn perip 3;
        # Limit per server IP
        limit_conn perserver 100;

        # (1)
        limit_req zone=one burst=5 nodelay;
        # (2)
        limit_req zone=two burst=5 nodelay;
        # (3)
        limit_req zone=three burst=5 nodelay;

check

nginx -t
systemctl reload nginx

Result

Nginx not working

Tried different combinations and more lightweight (simple) nothing works. Please tell me how to properly set the limits in the custom nginx config. Does anyone have a working version? I have a powerful server, but sometimes there are bursts of activity (DDos) from compromised servers and I need to adjust the limits. Then the site may be offline for several hours with a 500 error until I restart the Hestia-CP. If there are any other solutions, I would be grateful.

It would be nice if the standard nginx config already had basic restrictions. For example, it is logical for an ordinary user that they do not need to send 1000 requests per second. :smile: