maximillianos - 7:40 pm on Oct 20, 2010 (gmt 0)
We have had a few attacks over the years. Most recently was last Winter. Fortunately the attacker was using a pattern in the user-agent that we could program apache to ignore.
We then took it a step further and blocked all international traffic, as the bulk seemed to come from outside the US. We have a indexed flat file country-ip mapping that seems to work very fast. It helped eliminate the problem. We have not had any trouble since (knock on wood!). We did upgrade to a monster server (Dual quad-core processors and 10 GB of RAM). Not much slows the server down now a day. Plus we put many of our pages in RAM (using memcache) which also helps alleviate spikes.