Hi @Martin Kruger ,
I'm assuming you used https://blog.qualys.com/vulnerabilities-research/2011/11/02/how-to-protect-against-slow-http-attacks to determine which settings you can/should adjust and still encountering the error. I would advise isolating the request and identifying the client that's causing these slow requests. https://blog.qualys.com/vulnerabilities-research/2011/07/07/identifying-slow-http-attack-vulnerabilities-on-web-applications list out some suggestions on how to identify slow requests if you haven't seen it already. I also suggestion enabling Application Insights to gain more visibility in the contents and performance of requests that are slower than others. If you already done these steps, the please reply to comment down below.