Launch-Day Horror Story 08:59 a.m.—Your new mobile app goes live. Legitimate traffic climbs exactly as marketing predicted… then a botnet hammers /v1/orders at 2 million RPS. Kubernetes nodes gasp, dashboards bleed red, log-ins crawl. Goal: show how NGINX API rate limiting becomes a programmable safety valve—throttling abusers while real users stay blazing fast. Why Rate