After some research and digging, I made my nginx and domain configuration files. If I have something missed, you are welcome to write it in comment here or at Github. Mostly everything are commented so to understand code should be not problem.
If you want more advanced solution, you can try an comprehensive config: Nginx Bad Bot and User-Agent Blocker, Spam Referrer Blocker, Anti DDOS, Bad IP Blocker and WordPress Theme Detector Blocker . With it server config file looks clearer, because #1-#11 and #47-#51 lines (map $http_user_agent $limit_bots…) now is not necessary.
After nginx reload you can test it at: https://asafaweb.com/ . My results for example:
and from https://beyondsecurity.com
Results a re really impresive, but do not forget. Its only basic prevention from bots and low level hackers. Anyway if you are not building website for governmentit should be okey 🙂