Yes, the problem with restricting by date is that if you get hit by an attack which generates a billion page requests in a day, your server will run out of disk.
So we have to restrict by number of records. We could add an option for the administrator to specify how many records they want to keep?