Parsing through about 2 million lines worth of logs right now after running a sample on the first 5 minutes. Will likely be banning some IPs based off what I saw in the 5 minutes (people with over 1000 requests for work but less than 10 results sent back, some with 0).
How about deny everything and have people enter their worker IPs when they setup workers. Then just open up the source IP for each worker.
Do this.
Edit: better still how about tunnelling the workers in and shutting EVERYTHING else out?
Here,
Simplest implementation to secure mining traffic and make shutting out DDOS easier;
miners run something like this in a terminal
$ ssh -L 8332:btcguild.com:8332 username@shellserver
need username and passwords for ssh (do nothing else but login and connect to bitcoind_server on port 8332)
and they can run their miners using this
./poclbm.py -d1 --host=localhost --port=8332 --user=worker_name --pass=worker_password
(make sure no local bitcoind using 8332, e.g. solo mining, so could also change that but kept it simple to begin with).