Just wondering if it was a good idea to have Protector automatically add IP's listed as being the origin of the most attacks into the banned IP's list?

If you have a look at http://www.dshield.org/top10.php they have a list of the IP ranges that are being reported as trying to attack other people. This list is updated several times a day, and is based on submissions from millions of routers worldwide (they had close to 1 billion records submitted last month). The even have some example scipts for automatically updating your block lists;

http://www.dshield.org/block_list_info.php

The Protector module has been performing amazingly well. Rogue bots or downloaders have been my public enemy number 1. The Protector module has been able to feed them "0" and terminate their crawlings. I no longer bother adding the IPs into the banned list unless they were dynamic IPs and I wanted to ban the whole sub-set of the net.

Your situation may vary but in my case, it is really not necessary to add automatically by the Protector. Another point - this way it will not clutter your banned list. You really don't want a mile long banned list in your database.

The beauty of the Protector module is that it is real-time re-active against any attacks. I used to check my logs every morning to find out who the bad guys were the previous day and then decided to add them into an htaccess file or the banned list. Thanks to the Protector module, admin has become simpler.

hi brash.

Although it is interesting enough, I won't implement it so soon.

That's because, they are listed as attacker for XOOPS sites.
Perhaps, they almost target another vulnerable applications.

Anyway, such a cooperating methods for protecting sites must be useful for protecting from mail SPAMs, commenting SPAMs, or some kind of ScriptKiddies.