Hey guys,

Sorry for the long delay in responding, we have ended up going with prefork and everything seems to be stable with it - a slightly higher load perhaps, but stable none the less :)

We were never able to figure much out, even with 'guessing' and randomly disabling the extra modules :-/

On 02/13/2013 06:49 PM, Breno Silva wrote:
We have a lot of users running Apache worker and prefork. However to be honest i don't remember anyone that contact me using event. So, as i never saw a report about this issue using worker and prefork... you can try both and send us a feedback.

Thanks

Breno

On Wed, Feb 13, 2013 at 10:14 PM, Rainer Jung <rainer.jung@kippdata.de> wrote:
On 13.02.2013 19:21, Curtis Wood wrote:
> Hi Guys,
>
> Yes, mpm-event is experimental - and now with everything coming to
> light, that may be the whole problem along with the apr not being thread
> safe it sounds like?

The event MPM itself should not be the problem. The APR libraries were
originally developed as a basis for Apache 2 and many of the Apache devs
are also APR devs.

But the threaded nature of the Apache processes when using the event or
worker MPMs means that all modules must be programmed thread-safe too.
Most of the popular ones are though.

> After talking it over some we may just go with the prefork.

If that is an option for you, chances are good the problem vanishes.

> On the actual system - sry about that :-P We are on Linux X86_64, CentOS
> 5.9 - On the extra modules, we have ssl,fcgi,passenger,bw_limited and qos

Ah, lots of 3rd party. You could try to update to latest versions of
those. I don't have an indication, that those have a problem though.

> On when it happens - it can be at any time, originally when this came to
> light on a single site VPS, you could randomly click links to trigger it
> after a few minutes - while, clicking the same link twice would not
> guarantee anything. On the main servers which get a lot more traffic, it
> can be anywhere from hours to days.

ACK.

Rainer


------------------------------------------------------------------------------
Free Next-Gen Firewall Hardware Offer
Buy your Sophos next-gen firewall before the end March 2013
and get the hardware for free! Learn more.
http://p.sf.net/sfu/sophos-d2d-feb
_______________________________________________
mod-security-developers mailing list
mod-security-developers@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-security-developers
ModSecurity Services from Trustwave's SpiderLabs:
https://www.trustwave.com/spiderLabs.php



------------------------------------------------------------------------------
Free Next-Gen Firewall Hardware Offer
Buy your Sophos next-gen firewall before the end March 2013 
and get the hardware for free! Learn more.
http://p.sf.net/sfu/sophos-d2d-feb


_______________________________________________
mod-security-developers mailing list
mod-security-developers@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-security-developers
ModSecurity Services from Trustwave's SpiderLabs:
https://www.trustwave.com/spiderLabs.php