I've never had anyone try to spam via cbb. One thought - do you allow anonymous postings/comments/reporting in cbb?

I think it's better to do it directly from Apache with .htaccess .
This way you don't loose processing power on Protector to analyze the request and checking for the IP's.
Also you prevent that malicious requests could destabilize Protector or XOOPS.

TITLE: [ABUSE #XOX-135044]: AUP Violation : CPU Resource Abuse on yoursite.com

Kindly be informed that your domain 'yoursite.com/community/modules/newbb' has been found overloading the CPU Resources on the server. We hereby attached a screen shot of your domain CPU usage for your references. For your information, the maximum allowed CPU consumption domain is 100Mhz, which is 3.34% of the total CPU resource.

Currently the folder for newbb has been change ownership so that it wont continue on overloading the server.

Your kind co-operation in this matter is highly appreciated. Please do contact us if you need further details.

You may refer to the URL below on SHARED SERVER RESOURCE ABUSE policy set by our company
http://www.exabytes.com.my/about/legal/aup/#H-resource

It is recommended for you to subscribe to our Linux Semi Dedicated Server
http://www.exabytes.com.my/products/semi-dedicated/linux.html

If you have any enquiries, please do not hesitate to contact us. Thank You.