Making Site Swaloris Dos attack proof and WAF

We have a PHP (Core PHP and Smarty) based portal. We need to make this site Slowloris Dos attack proof and need to build a WAF to site. We need only experienced security experts with knowledge on server and PHP coding This shall be audited by independent Security auditor once they certify the site as DDos attack proof only milestone shall be released. However, making site DDOs proof and enabling should not effect current functionality and API communications. You could either use any opensource tool or Sucuri , but the current functionality such as both HTTP and HTTPS should not be effected and users should not get denies on updation etc Please give a sample site links you have made DDos proof we would check and share url of site once satisfy with the same Thank you