The solution for XAMPP is very easy:
XAMPP is created and preconfigured as local development environment not as production environment (and especially not ready for internet access).
I don't know how it is for you, but on my very local development machine the risk of beeing victim of network attacks is very small (exept i use Slowloris by myself).
To learn more about protection against Slowloris, i recommend reading
the following @ wikipedia