Mitigate DDoS Proxy attack

view story

http://serverfault.com – In last days my apache is being attacked by many connections from proxies. I've identified the source but could not block the attack effectively. The attacker seems to be using pyloris or a variation of this to attack my apache on port 80. I installed nginx and varnish but not enough to support the extra load. I also added a rule in iptables to drop packets that contain the string "X-Forwarded-For" but does not block all the proxies. Does anyone have a suggestion? (HowTos)