I've found a brilliant article on SSH tarpit.
Some ideas:
Write your own implementation in C and Go, with Go, use prometheus for stats.
Write the same for web server, trap all .php requests and slowly write HTTP response.
Reconfigure your "real" ssh servers to port 2222, deploy these stuff on your public nodes, and see how much internet is full of bots nowadays.