Change the login script (or the path to the script)

Hello. Our ELGG installation is under attack. A massive flood of hits on /action/login is slowing the site down to a crawl. With nginx, I can block (444) all hits on /action/login to allow browsing the site, but then no users can login. Is it possible to change /action/login to - say - /action/rogin or another script/path?