Question Preventing DoS attacks by IIS dynamic IP restriction

[phungkha]

Server operating system version

Windows

Plesk version and microupdate number

Version 18.0.44

Hi There,
I am trying to figure out the best values for my server to prevent DOS attacks by IIS dynamic IP restriction as shown in the article (https://support.plesk.com/hc/en-us/...inst-DDoS-attacks-in-Plesk-for-Windows-Server). Is the Default value good enough? if not how to calculate the best value or understand the process?
The following are the two options with a default value

1. Deny IP Addresses based on the number of Concurrent requests from a unique IP Address
   • Maximum number of concurrent requests = 5
2. Deny IP Addresses based on the number of requests over a period of time
   • Maximum number of requests = 20
   • Time Period (In Millisecond) = 200

In the concurrent request, does the image, and page also counted as a request what I mean is if my site contains 6 images.
Very confusing Please help me understand with this calculation

 

[trailhub]

When I used the default settings, my web page would load with many missing images (due to 403 errors) on the first load, but then all images loaded OK after refreshing the web page.
I ended up not using this at all, but I wonder if increasing either of the "Maximum number" values would have helped.