Apache HTTP Server
Elle Solomina, 2015-05-06 19:41:06

How to protect Apache from a slow POST attack?

Good day!
Please advise how, in practice, to protect Apache from this misfortune. The options below and the module do not help:

<IfModule reqtimeout_module>
  # Allow 10 seconds to receive the request including the headers and 30 seconds for receiving the request body:
  RequestReadTimeout header=10 body=30

  # Allow at least 10 seconds to receive the request body. If the client sends data, increase the timeout by 1 second for every 1000 bytes received, with no upper limit for the timeout (except for the limit given indirectly by LimitRequestBody):
  RequestReadTimeout body=10,MinRate=1000

  # Allow at least 10 seconds to receive the request including the headers. If the client sends data, increase the timeout by 1 second for every 500 bytes received. But do not allow more than 30 seconds for the request including the headers:
  RequestReadTimeout header=10-30,MinRate=500

  # Usually, a server should have both header and body timeouts configured. If a common configuration is used for http and https virtual hosts, the timeouts should not be set too low:
  RequestReadTimeout header=20-40,MinRate=500 body=20,MinRate=500
</IfModule>

The server is responding, but very slowly. The server is at home and is used for personal purposes; moving it outside the home is not an option, because it must remain available even without Internet access. Closing off access from the outside is also not possible.
Addendum: the server runs under Windows.
Addendum 2: I went to read the Apache security tips because today it got really hot: a 6 MB log of 408 errors in a couple of hours, even though I was sitting there manually banning by IP.
Addendum 3: Found an error in my configuration!
It turns out I had not commented out the extra directives and had not even noticed; corrected:
<IfModule reqtimeout_module>
  # Usually, a server should have both header and body timeouts configured. If a common configuration is used for http and https virtual hosts, the timeouts should not be set too low:
  RequestReadTimeout header=20-40,MinRate=500 body=20,MinRate=500
</IfModule>

The server stopped slowing down; the problem seems to be solved. Since the attack isn't over yet, I'll wait a bit; maybe I'll dig up something interesting :)
Addendum 4: The attack ended, surprisingly, right at midnight UTC+4; either I had banned all the IPs by then, or the resources on the other side were cleaned up. I can say one thing: the morons who used several dozen servers to DDoS a shabby little web server nobody needs had nothing better to do. People... although, more likely, bots.
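The poster was reading a 6 MB log of 408 errors and banning IPs by hand. As an added example (not part of the original question or answers), here is a small Python script that automates that triage over Apache combined-format access log lines: it parses each line, keeps the 408 responses, and reports client IPs that produced at least a threshold number of 408s within a sliding time window. Once mod_reqtimeout is working, a 408 logged with request "-" means the client never finished sending headers before the header timeout, while a 408 with a request line means the request body stalled, so the script also breaks the count down by stage. The log lines are constructed for the example, and the function names and the default threshold/window are my own choices, not anything from the page.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed sample of Apache combined-format log lines (not from the poster's server).
# 203.0.113.7 stalls repeatedly; 192.0.2.99 stalls twice, half an hour apart;
# 198.51.100.22 is a normal client.
SAMPLE_LOG = """\
203.0.113.7 - - [06/May/2015:21:00:01 +0400] "-" 408 - "-" "-"
203.0.113.7 - - [06/May/2015:21:00:02 +0400] "-" 408 - "-" "-"
203.0.113.7 - - [06/May/2015:21:00:03 +0400] "POST /index.php HTTP/1.1" 408 - "-" "Mozilla/5.0"
198.51.100.22 - - [06/May/2015:21:00:05 +0400] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.7 - - [06/May/2015:21:00:09 +0400] "-" 408 - "-" "-"
192.0.2.99 - - [06/May/2015:21:00:10 +0400] "POST /upload HTTP/1.1" 408 - "-" "-"
203.0.113.7 - - [06/May/2015:21:00:15 +0400] "-" 408 - "-" "-"
192.0.2.99 - - [06/May/2015:21:30:00 +0400] "POST /upload HTTP/1.1" 408 - "-" "-"
"""

# Combined log format: ip ident user [timestamp] "request" status size "referer" "agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" (?P<status>\d{3}) (?P<size>\S+)'
)
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"


def parse_line(line):
    """Return (ip, timestamp, request, status) or None if the line is not in combined format."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group("ts"), TS_FMT)
    return m.group("ip"), ts, m.group("req"), int(m.group("status"))


def timeout_stages(log_text):
    """Per IP, count 408s that died in the header stage (request logged as "-")
    versus the body stage (a request line was received but the body stalled)."""
    stages = defaultdict(Counter)
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed is None:
            continue
        ip, _ts, req, status = parsed
        if status != 408:
            continue
        stages[ip]["header" if req == "-" else "body"] += 1
    return {ip: dict(c) for ip, c in stages.items()}


def slow_http_offenders(log_text, threshold=3, window=timedelta(minutes=5)):
    """Return {ip: peak_count} for client IPs that produced at least `threshold`
    HTTP 408 responses within any period of length `window`.
    Threshold and window are example defaults, not values from the page."""
    stamps_by_ip = defaultdict(list)
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed is None:
            continue
        ip, ts, _req, status = parsed
        if status == 408:
            stamps_by_ip[ip].append(ts)

    offenders = {}
    for ip, stamps in stamps_by_ip.items():
        stamps.sort()
        start = 0
        peak = 0
        # Sliding window: advance `start` until the window fits, track the densest run.
        for end in range(len(stamps)):
            while stamps[end] - stamps[start] > window:
                start += 1
            peak = max(peak, end - start + 1)
        if peak >= threshold:
            offenders[ip] = peak
    return offenders


if __name__ == "__main__":
    for ip, count in slow_http_offenders(SAMPLE_LOG).items():
        print(f"{ip}: {count} x 408 in a 5-minute window, stages={timeout_stages(SAMPLE_LOG)[ip]}")
```

The script only reports; feeding the result into a firewall rule is left to whatever ban mechanism is already in use. Note that by the time a 408 appears in the log, mod_reqtimeout has already closed that connection, so the log is a signal for who to block, not the defence itself.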

2 answers
Elle Solomina, 2015-08-17
@ElleSolomina

In short: install and configure the mod_reqtimeout + mod_qos + mod_security modules; once configured, this will also help get rid of other types of attacks.
More details here: https://www.acunetix.com/blog/articles/slow-http-d...
For Windows, binaries of current versions and additional extensions built under different versions of VS can be found here: https://www.apachelounge.com/download/

Cool Admin, 2015-05-06
@ifaustrue

Put nginx in proxy mode in front of it and that's it. The latter is (generally) immune to such things.
