I'm pretty sure that by default the DoS protection is totally silent/not logged. We think our DoS config is causing problems. Is there any way to enable logging for the DoS so we can see when it kicks in?
When DoS feature ban an IP, it will be logged into error.log at "NOTICE" level. something like
" ... is over per client soft connection limit ..." or "... Reached per client connection hard limit ..."
