Anyone know how a service that requires an account and API keys can suffer from a DDoS attack impacting their API?<p>Does that mean their API servicing infrastructure is the same as their public front end? Or that they're just unwilling to stop new account sign ups at the expense of existing users?