As always, nginx comes to the rescue:
sysoev.ru/nginx/docs/http/ngx_http_core_module.html#try_files

1) Do you have nginx installed, or does Apache give statics?
2) include() interprets your cache/ID.html, so it needs to be replaced with readfile .
3) If nginx is installed like that, readfile is also not ice, use the X-Accel-Redirect header to pass nginx a link to the file that it will need to give.
But judging by the fact that you have CGI, nginx is still not worth it. So the first thing to do was to transfer php to a normal protocol. If possible - FastCGI, if not, on Apache+mod_php.

why do you care about attendance of topics under DDoS?

A fairly simple and effective and universal method - in the html code, set any cookie with JavaScript. In index.php at the very beginning you add a banal code,
if (!isset($_COOKIE['mycookie'])) {exit;}
as an option, in addition to exit, you can add the function of adding the ip to the firewall blacklist (you can temporarily through ipset), in case someone did not come through the cookie.
True, you need to slightly alter the structure of the site so that the first time the user goes to the html page that will set the cookie, and only then follow the link to php.
If this is not possible, then something like this: in this case, all new users will see the link “To enter the site, follow the link”, and after clicking it, they will receive a cookie and enter the site.
if (!isset($_COOKIE['mycookie']))
{
setcookie('mycookie','some_cookie_text',time()+60*60*24*300,"/",".адрессайта.домен");
echo 'Для входа на сайт перейдите по ссылке';
exit;
}


The first thing is to take care to get off php-cgi - it's terrible!
Apache + mod_php is easy to set up and performance will increase.
Secondly, put eAccelerator, it will increase the speed of php from 2-10 times, since it will not be necessary to constantly rebuild into the opcode.
Well, DDoS must be closed with a firewall, or at least iptables by looking at the ranges of ip addresses

Even in the last question I wanted to tell you that since php is called in principle, then this is no longer static. But I could not immediately come up with a record of attendance for each topic, except through periodic parsing of logs.

No wonder I wrote today: http://bkmz.org/425/zashtita-ot-ddos-iptables

"include('cache/ID.html');" - stupid idea, normal reading of the file and its output will be better. Better yet, keep that page in memory rather than in a file.

it's all leftist.
you have two problems:
1. ddos ​​- not programmers in php are struggling with it, but admins in the same iptables, they should know this better than us.
2. caching-to-file optimization is a good idea, but its main idea is not to raise apache + php. if this heavy bunch has already risen, then the optimization will be relatively matched. you need one rule in rewrite
ReqriteCond /var/www/.../%{REQUEST_FILENAME} !-f RewriteRule ^(.*).html create_cache.php
?id=$1
if available, it will be given simply, easily and very quickly to plain html

Please, take a look at the report about Varnish + Redis + JavaScript in Novosibirsk at Devpoint 2. I told how we defeated such a problem with small resources, maybe it will help ...