You can do this, but that doesn't mean you should do it. The ASM module had similar functionality to prevent DDOS, and I've found it useful but with costs.
For a good user experience it's better to disable the button I. The browser whilst the request is bring processed. This is a common user experience. To protect your backend service, it's better to limit the total number of requests sent in the backend code. I. Java you'd use an atomic integer and token algorithm to do this.
At the f5 layer you don't have much context and your choice of user actions is limited to redirecting to a busy page or returning a reset. Neither of which are very user friendly.
That's my two cents, from someone who's been there.
Peter