Also, the Strongbox Security SystemTM doesn't just permanently kill a username when it sees the first signs of possible abuse. Unlike the clumsy services that you may be accustomed to, the Strongbox Security SystemTM takes a more measured and precise approach. The Strongbox Security SystemTM has two stages of defense for shared passwords. When it detects a username/password that has probably been compromised, it suspends that username temporarily. At that point it also takes action to reduce the potential load put on your server should there be an extremely large number of people hitting your server, trying, (and failing), to access with that username. If several more people continue to try to login with that same username, the Strongbox Security SystemTM permanently disables the password. It then emails you to let you know that it has detected and taken care of the problem. That doesn't happen all too often because the password sites normally delete the username within an hour after the Strongbox Security SystemTM suspends it.
You can't limit based on the number of files requested, because with thumbnail pages having 40 thumbs on a page it's perfectly normal for the user to request 120 files in one minute. You can't limit based on html pages, because the slurper isn't going to request all that many html pages, he's just going to grab every single pic from each of your gallery pages. Besides you gallery page URL may well be something.cgi or something.php. How is the script to know whether .cgi or .php is an html page or image? You can't limit on bandwidth because you want your user to be able to download a 150 MB mpeg, and get it downloaded as fast as his cable modem will allow. You don't, however, want to let that guy on a much slower connection to download 150 MB of pics every night. On top of all this, if you limit based on either of page hits or bandwidth, you only catch them after they have already done the damage! By the time you detect that they've downloaded 300 MB of stuff in the last hour and you want to kick them out, they've already hit you for 300 MB and put that strain on your server for an hour.
Not only have they strained your server for an hour with such methods, but there will always be a significant strain caused by your protection scheme. Every single time someone requests a page or image the system has to take that information and analyze it with respect to all of the other hits over the last hour to see if the person is over their limit. The Strongbox security systemTM uses a much smarter approach. The Strongbox security systemTM blocks slurping software based on the fact that it is slurping software and not a human, often within seconds of the time they start slurping, before they've even downloaded 1 MB. The the Strongbox security systemTM anti slurp algorithm is well described by looking at every part in that definition - "slurping software and not a human". The Strongbox security systemTM looks to see if it's slurping, hitting every link on the page. the Strongbox Security SystemTM also looks to see if it's software as opposed to a human. Software extracts links, humans click links. If the link was extracted programatically, they are blocked. If the link was clicked, they are not blocked.