Mostly works, but there do exist a couple of botnets that contain 1 million compromised machines. If each makes one request before hitting backoff, spread evenly throughout the day, that's about 10 QPS alone before they use an IP number twice. But they tend to not actually level out their usage (which is a bummer - if they did they could have kept using it). Instead they hit with a lot of parallel queries all at once.
There's only so much you can really do when your underlying resource is so limited. Luckily the value of the query is lower than the cost of a recaptcha solve, so the attackers moved on to some other target.
Ironically I could now turn off the endpoint protection (or have it responsive to traffic load), until the attackers return. I shall not go into too many details, no need to give people a map.
There's only so much you can really do when your underlying resource is so limited. Luckily the value of the query is lower than the cost of a recaptcha solve, so the attackers moved on to some other target.
Ironically I could now turn off the endpoint protection (or have it responsive to traffic load), until the attackers return. I shall not go into too many details, no need to give people a map.