6
I do not think (I have to be carefull with what I say, or GIJOE...) that the protector module actually helps against really large (read normal) DoS attacks.
Most DoS attacks just rely on the fact that servers will get overloaded with data and the server won't got any time left to respond on legal requests.
As far as I remember the protector module it uses the built in XOOPS IP ban system so that XOOPS no longer provides data to those IP's. However, still each requests of that attack is being parsed (Apache reads request; php loaded; XOOPS loaded; XOOPS loads MySQL database; XOOPS reads settings in database -> notice IP is blocked, blocks output, exit() command executed; Apache responds with empty page)
So, despite of the fact it might slow down a large attack a moment, it won't really help. Apache still responds to those requests and that should not happen. In my eye's, unless you are running a hosting company you don't have to worry about DoS-attacks. Your hosting provider should block them on server level.
Ofcourse this is just one feature of the protector module, I prefer not to discuss other functions
.