1

I'm using Apache Tomcat 7 to run my webapp on Linux. I scanned it by Acunetix and it's telling me that my webapp is vulnerable to "Slow HTTP Denial of Service Attack". How can I protect it?

Acunetix is reffering me to here, but it's about securing Apache, not Tomcat.

MadHatter
  • 79,770
  • 20
  • 184
  • 232
Amin Sh
  • 131
  • 1
  • 6

1 Answers1

1

Tomcat Security Team understands that this isn't a tomcat issue. See here.

You can fix it by configuring a firewall (an example with iptables is discussed here) or putting an Apache HTTP server in front off the tomcat server and configure it as described here.

Community
  • 1
Bob Rivers
  • 516
  • 5
  • 13