All of our paid plans offer a different number of requests. This is one of the most common metrics you should care about.
What are they and why should you care?
When you are using our free plugin, all attacks are absorbed by your site’s resources. If you are on a shared hosting with GoDaddy or even a managed one or a VPS, your hosting has to use its own resources to process the requests coming from those attacks. Sometimes it can translate into your site running slow or going offline completely.

In fact, this is the most common reason for your site’s slowness because your hosting provider doesn’t have an infrastructure to deflect brute-force attacks. Some do offer DDoS protection, but that’s a different type of service and they normally charge a lot of money for as it puts a huge stress on their infrastructure.
Here’s what a typical WordPress setup looks like:

On this diagram, there is nothing to protect your web and database servers from attacks. Our cloud app extends your infrastructure to work with Amazon’s unlimited resources. It handles the dangerous IP lookups and copies some of your data (related to the plugin) into a server-less data structure on Amazon that’s similar to a database.

The requests are then made without disturbing your database but you have a limited amount of them because they do consume CPU and memory resources of our Amazon infrastructure. Each login attempt can “eat” up 1 to 2 requests. It all depends if the IP is known or not.
We’ve determined that 100K requests per month is sufficient for a site with traffic under 100 visitors per day. As the site becomes more popular 200K or 300K might be needed.
Our wonderful selection of packages allows you to pick the one that will work for you! Or you can purchase additional ones in packages of 100K. Happy defending!