What are the best practices for implementing rate limiting and generally add protection on a Next.js application deployed to Cloudflare Workers?