Add rules as follows:
iptables -A INPUT -p tcp --syn --dport 80 -m connlimit\ --connlimit-above 15 --connlimit-mask 32 -j REJECT \ --reject-with tcp-reset
This will reject connections above 15 from one source IP.
iptables -A INPUT -m state --state RELATED,ESTABLISHED \ -m limit --limit 150/second --limit-burst 160 -j ACCEPT
In this 160 new connections (packets really) are allowed before the limit of 150 NEW connections (packets) per second is applied.
Note: if your server runs UFW (Uncomplicated Firewall), then you shouldn’t run the commands directly. Instead, you need to replace INPUT with ufw-before-input in each line and put the lines in the file /etc/ufw/before.rules. Afterwards, restart UFW using the following command:
sudo service ufw restart
Limit max connections per IP address and new connections per second with iptables – Unix & Linux Stack Exchange. http://unix.stackexchange.com/questions/139285/limit-max-connections-per-ip-address-and-new-connections-per-second-with-iptable