Denial of Service (DoS) or Distributed Denial of Service (DDoS) is a powerful attack which prevents the system from providing services to its legitimate users. Several approaches exist to filter network-level attacks, but application-level attacks are harder to detect at the host base firewall. Filtering in application level can be computationally expensive and difficult to scale, while DDoS attacks still creating bogus positives that block legitimate users. In this paper, the authors show application layer DoS attack for HTTP web server using some open source DoS attack tools and also suggest some realistic mechanisms that can protect a web server from application-level DoS attacks especially while attacks targeting the resources including CPU, sockets, memory of the victim server.