Securing Apache gainst DoS

Securing Apache gainst DoS

Hi i have an apache server 2.2 with php (magento) scripts.
in normal times a php page renders in 1-2 sec, which is ok.
Sometimes at high traffic or crude spider bots all Apache-Slots are blocked.
The single requests run verry slow and use more and more memory until
mysql calls the oom-killer, which kills my needy tomcat.
First i tried mod_evasive. But if i configure it too strict i can't browse
snappy, if i configure it too loose the requests can come faster then they
can be processed.
The problem are the php files. Other resources like images etc wont
obstruct the slots.
Second i tried to limit it by lowering MaxClients. But now one client can
obstruct all slots.
Any idea how to limit maximum connections per client or better maximum
simultan php scripts per ip...
How are other Apache client configured to avoid more requests than they
can process without favoring any client?