I'm not sure I understand your question. Do you mean that you want to secure PHP so it cannot be used as a tool to attack your server or a remote server? Or are you asking how to stop an attack against your PHP site?
The first questions is really about securing Apache and turning off unneeded functions/insecure functions in PHP. Curl/fopen/uploads,configuring Suhosin, etc.
The second question really is about configuring Apache or your web server of choice to handle the connections. The basis of preventing attacks are not attracting them, for one next would be mostly configuring the OS to drop packets/limiting/etc.
True DDoS protection can only be achieved at the network layer. The server configuration is a big piece but it won't buy you stability in a large attack.
As mentioned in my previous post, you're really going to have to elaborate more on what you're looking for. This is really too vague to provide an answer. You may google search, 'harden php5' or 'harden centos' or 'hardening centos against ddos attacks'.