Spikes like that are usually an indication of denial of service. If that is the case then the next step is to determine if it is from an authenticated account or a non. Every site should take every request and send it through a series of dynamic filters that can be applied as the first step. This allows pattern matching and b/w lists to be applied among others. Hope that helps TS.