Bad Behavior logging not scalable

Issue Summary

We had a site go to its knees under heavy server load, and tracked the problem to bad behavior.

Our sysadmin's investigation showed that

the bad_behavior module is making a query that isn't optimized correctly. It is currently doing a search through 13000 records on each request (without any indexing), which is hammering the server.

mysql> explain SELECT `ip` FROM `bad_behavior_log` WHERE `ip` LIKE '65.214.44.29' AND `http_response` = 403;
+----+-------------+------------------+------+---------------+------+---------+------+-------+-------------+
| id | select_type | table            | type | possible_keys | key  | key_len | ref  | rows  | Extra       |
+----+-------------+------------------+------+---------------+------+---------+------+-------+-------------+
|  1 | SIMPLE      | bad_behavior_log | ALL  | NULL          | NULL |    NULL | NULL | 13485 | Using where |
+----+-------------+------------------+------+---------------+------+---------+------+-------+-------------+

"

If I'm reading this correctly, then bad_behavior_log is just for logging ip addresses, so it should only affect users when logging is turned on.

That being said, the "IP" column on that table is of type "TEXT" (as are the majority of the fields in that table) as opposed to a VARCHAR.. This makes it difficult to index short of using a FULLTEXT index, which is extremely inefficient.

We've disabled the logging on the module for our sites -- for 4.7 sites, too. Sorry, no patch at the moment.