Just incase you didnt know Slowloris holds connections open by sending partial HTTP requests. It continues to send subsequent headers at regular intervals to keep the sockets from closing. In this way webservers can be quickly tied up. In particular, servers that have threading will tend to be vulnerable, by virtue of the fact that they attempt to limit the amount of threading they'll allow. Slowloris must wait for all the sockets to become available before it's successful at consuming them, so if it's a high traffic website, it may take a while for the site to free up it's sockets. So while you may be unable to see the website from your vantage point, others may still be able to see it until all sockets are freed by them and consumed by Slowloris.

Do as i say below:

Increase maxclients in apache or nginx it should help some

also run

iptables -I INPUT -p tcp --dport 80 -m connlimit --connlimit-above 20 --connlimit-mask 40 -j DROP

It will limit one host to 20 connections to port 80 only

if you have mod Qos installed take a look at your config adjust it as so.

## QoS Settings
# handles connections from up to 100000 different IPs
QS_ClientEntries 100000

# will allow only 50 connections per IP
QS_SrvMaxConnPerIP 50

# maximum number of active TCP connections is limited to 256
MaxClients 256

# disables keep-alive when 70% of the TCP connections are occupied:
QS_SrvMaxConnClose 180

# minimum request/response speed (deny slow clients blocking the server):
QS_SrvMinDataRate 150 1200

# and limit request header and body:
LimitRequestFields 30
QS_LimitRequestBody 102400




You may or may not have it installed how ever.