yeah i was guilty too early on when i accidentally set my cronjob renewal to every second heh
no possible solutions to put in place before it enters the actual database ? i.e. redis cache, memcached, elasticsearch, sphinxsearch as a layer or clustered layer in front of the actual database ? maybe also account for backend database actual load at time of requests for a dynamic rate limit/flood gate ?
maybe a layered approach like how nginx does rate limits with average and a burst limit. So maybe you can have a burst limit which denies those massive abusive flood type requests ?