Slow HTTP attacks are denial-of-service (DoS) attacks in which the attacker sends HTTP requests in pieces slowly, one at a time to a Web server. If an HTTP request is not complete, or if the transfer rate is very low, the server keeps its resources busy waiting for the rest of the data. When the server’s concurrent connection pool reaches its maximum, this creates a DoS. Slow HTTP attacks are easy
![How to Protect Against Slow HTTP Attacks | Qualys Security Blog](https://cdn-ak-scissors.b.st-hatena.com/image/square/60e3686adc6032b55d7391dab2721c48d18297da/height=288;version=1;width=512/https%3A%2F%2Fdum21w3618van.cloudfront.net%2Fimages%2Fslow.jpg)