OwnCloud spammed? How? You setup users on it so no one else but those you have decided to allow, can access it. I've been running OwnCloud on my server for few years now without issues what so ever. You can, if you want to, restrict the IP addresses allowed to access it in OwnCloud configs, or Apache configs if you so prefer but I don't really see the point if you want it to be accessible from www.
If you are worried about brute force attempts (haven't had single one yet), you can use fail2ban to protect against that.
I use mine to share calendars & contacts between all my devices (laptop, desktop, tablet & phone). My server setup is relatively simple, I only allow https, no http to https redirects and all traffic that doesn't match specific URL will be redirected to google.com. There have been occasional drive-by scans of the server who all have been swiftly pointed towards google.com, let them try hack that