I’m not sure that I would be too concerned about that unless it turned into an issue of some sort. That is, if you were dealing with downtime, that’s another issue – but it sounds like your server handled the issue.
That is, when dealing with a SYN flood, sending “cookies” is designed to mitigate that issue… which means your system is handling it for you, you don’t need to do anything.
There are a number of Apache modules out there designed for handling various types of DoS attacks – mod_qos and mod_evasive are two of those. But unless you found that your server was being negatively impacted by attacks, I’m not sure that I would recommend adding the additional complexity of a new Apache module.
ok, I understand now, than I will not install external modules as they are not needed in this case…
And yes I think that server handled it just fine because there was no high network usage or cpu usage …