Because of our information security policy, vulnerability scanning must be done using IPS.
The vulnerability scan results are as follows.
How do I repair it?
HTTP Server Prone To Slow Denial Of Service Attack
CVE-2007-6750 CVE-2009-5111
Description:
A denial of service vulnerability is present in some HTTP servers.
Recommendation:
Upgrade the Apache HTTP Server to the latest version that has "mod_reqtimeout" module support available by default.
Then enable the module "mod_reqtimeout" and configure it to set the timeout and minimum data rate for receiving requests.
An example configuration is below:
<IfModule reqtimeout_module>
RequestReadTimeout header=10-20,minrate=500
RequestReadTimeout body=10,minrate=500
</IfModule>
http://httpd.apache.org/docs/trunk/mod/mod_reqtimeout.html
For customers who are not ready to use the "mod_reqtimeout" module, a workaround is to decrease the "Timeout" setting for Apache to 10 seconds or less, instead of the default of 5 minutes (300 seconds), in the Apache web server configuration file.
Example:
TimeOut 300
https://httpd.apache.org/docs/2.0/mod/core.html#timeout
Particular considerations have to be taken into account depending on each organization and the type of clients expected to connect to their web servers.
HTTP servers that use the asynchronous I/O technique are not vulnerable to this attack. Some of those servers are: lighttpd, nginx, Apache's experimental event MPM, IIS 6, IIS 7, Cherokee, etc.
Observation:
Apache HTTP Server is a widely used Web server. Apache, and other Web servers, bind each connection to a different process or thread.
A denial of service vulnerability is present in some HTTP servers. The DoS occurs because the server allows incomplete connections to stay open for an unnecessary period of time. Processes are a limited resource, and thus the server cannot have infinite connections but instead a limited number of clients connected at the same time. The attacker will create multiple slow incomplete connection requests to the server, causing it to reach the connections limit and making the server stop responding to other legitimate requests.
Common Vulnerabilities & Exposures (CVE) Link:
CVE-2007-6750 CVE-2009-5111
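A config audit for the remediation above, added here as an example (not part of the scanner report or the Apache project): it parses the RequestReadTimeout and Timeout directives from an httpd.conf fragment and reports whether they meet the recommendation. The sample configs and the thresholds (header stage capped at 20 s, body at 10 s, Timeout at 10 s when mod_reqtimeout is absent) are assumptions taken from the report's example values.

```python
import re

# Constructed sample httpd.conf fragments (not from the page): one at defaults, one hardened.
WEAK_CONF = "TimeOut 300\nKeepAlive On\n"
HARDENED_CONF = """\
Timeout 60
<IfModule reqtimeout_module>
    RequestReadTimeout header=10-20,MinRate=500
    RequestReadTimeout body=10,MinRate=500
</IfModule>
"""

def _directive(line, name):
    """Match `name args` at the start of a config line, ignoring case and trailing comments."""
    return re.match(name + r"\s+(.+)", line.split("#", 1)[0].strip(), re.IGNORECASE)

def parse_reqtimeout(conf):
    """Map stage -> (initial, maximum, minrate); syntax stage=timeout[-maxtimeout][,MinRate=rate], 0 disables."""
    stages = {}
    for line in conf.splitlines():
        m = _directive(line, "RequestReadTimeout")
        if not m:
            continue
        for item in m.group(1).split():
            stage, _, spec = item.partition("=")
            times, _, rate = spec.partition(",")
            lo, _, hi = times.partition("-")
            minrate = int(rate.partition("=")[2]) if rate else None
            stages[stage.lower()] = (int(lo), int(hi) if hi else int(lo), minrate)
    return stages

def parse_timeout(conf):
    """Return the core Timeout in seconds; Apache's default of 300 applies when unset."""
    for line in conf.splitlines():
        m = _directive(line, "Timeout")
        if m:
            return int(m.group(1).split()[0])
    return 300

def audit(conf, max_header=20, max_body=10, max_timeout=10):
    """Return findings; thresholds are assumptions taken from the scanner's example values."""
    findings, stages = [], parse_reqtimeout(conf)
    for stage, cap in (("header", max_header), ("body", max_body)):
        if stage not in stages or stages[stage][0] == 0:
            findings.append(f"RequestReadTimeout {stage}= missing or 0: slow {stage} reads are unlimited")
        elif stages[stage][1] > cap or stages[stage][2] is None:
            findings.append(f"RequestReadTimeout {stage}= allows more than {cap}s or has no MinRate")
    if not stages and parse_timeout(conf) > max_timeout:
        findings.append(f"Timeout {parse_timeout(conf)}s exceeds {max_timeout}s and mod_reqtimeout is unset")
    return findings
```

Run `audit()` over the real httpd.conf text (including any files it Includes) after the upgrade; an empty list means both read stages are bounded with a minimum rate.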