This is where the power of Linux and IPTables comes into play.
I built a website, can't say which, constantly under heavy DDoS attacks and when that didnt work they went for the resource starvation - couldn't get a remote shell, was so slow had to run down to the server room :(
Anyway, with attacks against HTTP servers real idiots usually use a common element with their scripted efforts and using an IPtables string match to silently drop traffic is very easy to do.