After some research and digging, I made my nginx and domain configuration files. If I have something missed, you are welcome to write it in comment here or at Github. Mostly everything are commented so to understand code should be not problem.
UPDATE:
If you want more advanced solution, you can try an comprehensive config: Nginx Bad Bot and User-Agent Blocker, Spam Referrer Blocker, Anti DDOS, Bad IP Blocker and WordPress Theme Detector Blocker . With it server config file looks clearer, because #1-#11 and #47-#51 lines (map $http_user_agent $limit_bots…) now is not necessary.
After nginx reload you can test it at: https://asafaweb.com/ . My results for example:

and from https://beyondsecurity.com

Results a re really impresive, but do not forget. Its only basic prevention from bots and low level hackers. Anyway if you are not building website for governmentit should be okey 🙂