ModSecurity Advanced Topic of the Week: Mitigating Slow HTTP DoS Attacks

With the recent OWASP AppSec DC presentation on Slow HTTP POST DoS attacks, the issue of web server platform DoS concerns have reached a new high.  Notice that I said, web server platform and not web application code.  The attack scenario raised by slow HTTP POST attack is related to web server software (Apache, IIS, SunONE, etc...) and can not be directly mitigated by the application code.  In