Eu aconselho você a configurar o mod_evasive no Apache.
mod_evasive is an evasive maneuvers module for Apache that provides evasive action in the event of an HTTP DoS attack or brute force attack. It is also designed to be a detection and network management tool, and can be easily configured to talk to ipchains, firewalls, routers, and more. mod_evasive presently reports abuse via email and syslog facilities.
Para instalá-lo no Debian:
apt-get install libapache2-mod-evasive
Edite então o mods-available / evasive.conf. Seus valores podem variar dependendo de quantos vhosts você tem no servidor.
<IfModule mod_evasive20.c>
DOSHashTableSize 2048
DOSPageCount 50 <---- visites to site in the given time
DOSSiteCount 500 <---- to pages
DOSPageInterval 2.0 <---- 2 seconds
DOSSiteInterval 1.0
DOSBlockingPeriod 600.0 <--- seconds
DOSLogDir /var/log/apache2/evasive
DOSWhitelist 127.0.0.1
DOSWhitelist x.x.x.*
</IfModule>
Você também pode estar interessado em serviços comerciais como CloudFlare ou Amazon CloudFront .