Create RequestLimiting plugin
A RequestLimiting plugin would prevent a single IP address from requesting more than a certain number of images per minute.
DOS and DDOS attacks are already blocked by GDI's memory allocation requirements, but this would allow more granular control.
This is an issue that my company is very concerned about. It wouldn't take anyone more than 5 minutes and a single while loop to really kill a server by doing this
Does anyone have any simple and elegant solutions for this other than providing a white-list of valid query-string options?