SYN Flood Advice
I would use a firewall at the network perimeter to prevent\remediate SYN flood attacks (as well as DOS, DDOS, spoofing, port probes, address space probes, etc.). I don't want this type of stuff getting into my internal network, where I'll have to deal with it on a machine by machine basis.
Since I am not an expert in iptables, I generally let one of two firewalls handle this for me. Both APF and CSF are great firewalls when it comes to protection from SYN attacks, as well as a multitude of other ways folks can attack your server.
I do not know your specific configuration, but I have used both of the said firewalls on "general" cPanel/DirectAdmin/Plesk servers as well as some with custom services and it works great once you allow the right ports.
Separately, you may wish to turn on SYN Cookies, which helps mitigate attacks where SYN is left open. Both of the above scripts have this as an option.