Hello Chris,
Thank you for your answer.
> Apache ships with mod_evasive that allows you do this. I have used
this in the past with some success. The other alternative I am aware of
is to use mod_security.
It looks interesting.
> I am not aware of anything that will run directly in front of
Léa,
> Below is what I would like to ask you:
> How do you usually protect your "Tomcat" servers and Webapps from (D)DOS
> ((Distributed) Denial-of-service) attacks?
If you allow the DOS traffic to make it all the way up to the
application layer before you detect it, then the DOS will still have
