A simple protection against DDOS in PHP?

anti-DDoS "at the level of php" in itself is nonsense, by definition. You can optimize your code to take less memory, less processing time, less "long" database queries, etc. But it all makes sense to do so, as a rule, not in trying to fight off a DDoS.
On the basis of php code, you can bungle IDSthat are successful and make some.

before return the page to put the html in the cache (redis, memcached, and the key constructed from the query and critical cook), and in index.php to most to check the presence of flag "increased load". if the flag is not to ship the php code, and give the page from the cache.
\r
the flag could be a file — for example the cron to check the load on the server and create /tmp/ddos, if it is raised

When DDOSят, put the main task is to bend a particular service or the entire server.
Defending against BTC for a nice surprise using php, special advantages in most cases will not bring (well, except that, e.g., removes the burden from the DBMS). And the channel will remain pocketed, all connections complete, Apache will thresh the maximum number of processes that someone's gonna eat up the remnants of free memory... And there's not only the users of the service will be difficult to get to the site, but the admin over ssh.
\r
DDOS protection is always a holistic approach, otherwise there is no protection.

Even with an average DDoS script like
\r<?php<br/>echo "123";
?>
\r
will take 100% of CPU.
\r
On the contrary, the goal of DDoS defense is to prevent spam PHP scripts, nginx.

Agree half of the sites Runet fall down easy ab
add a normal caching them saves you from a lot. I especially want to mention "memcached"
\r
but DDoS is different, can simply "score channel" if the iron cope.
but tutzhe means nginx or iptables can be on the knee to compete...

If your script tag is the first thing to climb for example in Menkes and check how many connections per minute was from the same address that now, and if less than threshold, then the connection to close, then in theory with a small DOS you can do it. However if it's the same criteria will form .htaccess with deny from directives — will be faster. And if by chance in front of Apache with nginx is, there is a chance that your site will even work.

How are you going to protect itself from attack with at least 20 000 IP? With the help of PHP?
\r
This is how to use a small digging tool, but the cool foreign firms for protection from "primitive" nuclear strike.