Are you saying that OP is trying to do denial of service attacks? Stopping random users from accessing web sites isn't thwarting a DOS attack. If they classify random users as part of some bot net, it sounds like their algorithms are buggy.