I intend to compile a list of suggestions from this article and discuss those with iFastNet. Compressing/minifying the aes.js file won’t help address the fundamental issues we’ve been discussing here, but it seems like a straight forward improvement to me.
It would have to be a short lived ban in combination with reasonable limits. All it needs to do is prevent someone from hammering the server, not replicate the “three strikes” system that currently exists. Just something to stop the repeating loop.
You could even limit it on IP+User Agent to reduce the impact somewhat.
It’s useful against one very specific type of DDoS. It’s indeed useless against all others. The usefulness is limited, but it’s definitely there.
Cellular network is 1 IP, every hotspot is 1 IP, but you may have to move around to access different hotspots, VPNs can provide multiple servers, but have limits on the number of connections you can use at any time. But you could use multiple VPN providers, depending on your system and it’s networking stack.
With some effort you could maybe get a dozen simultaneous IPs active. It’s simple enough to block them all. URLs, user agents, etc. can all be filled with unique values so you can have thousands or millions of unique entries with little effort.