Unfortunately the "Page" count is per URL, not per URI, so requests to eg. the same php file which vary by query parameters all get lumped together. We had one site that calls I think an export.php file repeatedly with different parameters, to get sets of some data exports every few minutes (they might have even had a compounding authentication issue, where a request was made without http authentication, got an error, then retried with authentication credentials - for every single request made). We've been good with 24 for DOSPageCount so far, or at least good enough, because I haven't had any complaints. For DOSSiteCount, I actually just increased from 90 to 180 last week, as we had legitimate requests (looked like a wordpress user loading the block editor on a site with many plugins) exceeding that (might have peaked at 115 / sec?). I might start looking at increasing DOSSiteInterval a bit to accommodate spikes but still catch ongoing "high" request rates. I don't know how useful mod_evasive will remain long term as req/sec continue to increase, it's almost too simplistic.