Hi:

A think this could be useful to protect a web from "unintentional random DDOS":

A check that counts ALL active sessions in protector_access table (no matter what IP), made after anti-F5 and anti-crawler checks. You could then add a new option in Protector preferences to take some measure if your web is experiencing high trafic load.

Probably should be off by default, but could be adjusted with trial-error if our server is not very powerful and suffers occasional overloads. For example, you may decide that if there are more than 100 request per minute, all scripts should sleep for 5 seconds to lower CPU load: your web will respond slower, but if you find the right configs server won't go down.

Thank you, by the way, for this essential module.

Regards: Colossus