I'm using Apache Tomcat 7 to run my webapp on Linux. I scanned it by Acunetix and it's telling me that my webapp is vulnerable to "Slow HTTP Denial of Service Attack".
How can I protect it?
Acunetix is reffering me to here, but it's about securing Apache, not Tomcat.
Best Answer
Tomcat Security Team understands that this isn't a tomcat issue. See here.
You can fix it by configuring a firewall (an example with iptables is discussed here) or putting an Apache HTTP server in front off the tomcat server and configure it as described here.