We were having a discussion about Sponge possibly attempting to mitigate DDoS attacks here, then eventually started talking about application layer DoS attacks, and I believe, as far as those attacks are concerned for Minecraft, it may be nice if GriefPrevention could mitigate those attacks. Not DDoS attacks in general, but only the sort that send massive successive join packets to the server. I was hit by one (on an online server) that joined tons of new users into the game, fully logged in, so it stressed out Essentials loading/creating user data, chunk loading, file creation for the new users, etc.
I believe GP has long masked join/leave spam, but not sure about the actual joining and leaving of same-IPs too quickly. I think this may have been added before, but probably had to disable it if it prevented log-in attempts in more extended time-frames, like a minute between log in attempts. I’d rather it just hide the join/leave messages rather than prevent connections entirely in a time frame of a minute or so.
I think it’d be more ideal for layer 7 DoS attempts if GP would prevent connections after maybe 3-5 successive logins from a same IP, disregarding the username entirely, and within a small time frame of just a few seconds. Not sure what sort of caching or performance hit this would entail, and it’s not a common issue I’d suspect, just something to consider.