Rate limiting implementation

So I am trying to implement rate limit on my web in case someone try to overload my web page, what could be consider as legit traffic from users in term of how many request in 10 seconds? Since rate-limit have cost, which limit (how many request in 10 seconds should i set ) would be cost effective and not to block the legit traffic too. I am planing to block for 1 hour whoever over “?” request per 10 seconds. Please help advices since I am abit of new to this rate limiting.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.