Yes, the way we're staving off the DOS attacks (which are STILL happening, I might add), are by simply throwing away requests that appear to be "malformed". Unfortunately, some perfectly good requests get caught in the trap too.
Trust me, I'm more pissed off about this than anyone, but at least the site is MOSTLY functioning. And once whomever is responsible GROWS THE HELL UP, we'll be better than ever.