How to block too frequent requests from one IP?

Hi all!
More recently, see hacking attempts of the website. Of course these attempts failed, but still they load the server. It is seen that the robots. Kind of stupid robots I would say. They are given a 404 response (the actual response HTTP status = 404 Not Found), and they are still "hammering" every second.
"Digging" mostly with IP Germany (Hetzner server) but this attempt was also with IP addresses from France, Ukraine and Moscow.
Last 40 minutes before I lock.
At the moment, I block (DROP) access to this IP via the Daemon (prescribing each IP).

This method is not very beautiful. I wish that would "atomate" block IP (maybe even a specific server or computers). It is desirable to block for a certain period.
Can anyone did something like that.

CentOS Linux release 7.2.1511 (Core)
nginx 1.10.1
The daemon 0.3.9

I would not want to use the web server (nginx) or in the logic of the web application "to sew". There will be extra load on them.
July 8th 19 at 11:11
2 answers
July 8th 19 at 11:13
July 8th 19 at 11:15
Here there is a way, but I don't like.
my kommet =) - Violet_Wiso commented on July 8th 19 at 11:18
: I would not mind this option, but it would be at the level of the firewall. - Tyreek_Dibbe commented on July 8th 19 at 11:21
: at the level of the firewall - fail2ban , it can be taught to watch your access_log and if too much 404 - to ban him at the time. - Violet_Wiso commented on July 8th 19 at 11:24

Find more questions by tags FirewallCentOSDDoSNginx