Shutting off port 80 is not a good idea. That will shut off all access to Apache. You may want to consider Mod_dosevasive if you are using Apahce and it temp bans attacking IPs. If it gets more serious, block it on your IPtables and if it gets even worst, contact your upstream.
You could try limiting the Maximum number of http process spawning using MaxClients setting in httpd.conf file. This will help reduce the memory filling up.
You could also try, lsof -p $p ( where $p is any process id of the httpd spawned list ). You could narrow your search using this, by listing out the files in memory, thereby finding out the domain having issues.
And checking out the access log list should give you the details about the ip and server from where its coming from.