You can set up mod_security to rate limit access from a single IP. If you want to go one level higher, you can configure mod_security with WAF capabilities. There's plenty of examples of this.